Head of IT Security

Valletta Credit Finance Corporation Ltd is currently seeking to expand its IT Security Team and is on the lookout for a motivated individual to join the team. By way of background, Valletta Credit Finance Corporation Ltd is licensed by the Malta Financial Services Authority as a Financial Institution and offers its clients payments related services and is a principal member of VISA and Mastercard.

Our company is seeking a Head of IT Security to lead and strengthen our information security function. This senior leadership role is accountable for defining and executing the company’s security strategy, ensuring the availability, integrity, and confidentiality of all organizational systems and data in compliance with internal policies, regulatory requirements, and industry best practices. The Head of IT Security will work closely with business leaders, regulators, and the ICT team to establish a proactive, risk-based security culture across the organization.

Key Responsibilities:

• Build strong relationships with business units and technical teams to identify the environment, the attack surface, and the IT risk posture of the company.

• Take overall accountability for reporting on IT risks facing the organization and providing recommendations to senior management.

• Oversee and perform regular internal and external vulnerability scans on core systems and the hosting environment, raising tickets and ensuring timely remediation with the respective teams.

• Carry out and approve security reviews for new or major changes in applications, infrastructure, and systems.

• Provide expert security input on new projects and initiatives, ensuring risks are identified early and effectively mitigated.

• Monitor security controls including malware reports, email quarantine, and other detection systems, taking a proactive approach to threat response.

• Conduct or supervise penetration testing assignments as required.

• Act as the main liaison with security auditors and regulators, ensuring compliance with industry standards and regulatory obligations.

• Keep up to date with the latest threat intelligence and oversee the delivery of information security awareness training sessions across the company.

• Serve as the primary security advisor to the executive team, ensuring they are informed on key risks, incidents, and required investments.

Talent Profile

• Degree in Information Technology, Cybersecurity, or equivalent.

• 5+ years working in an information security position, with at least 3+ years in a managerial role.

• Proven experience in building and leading security programs, teams, and governance frameworks.

• Strong knowledge of security standards (PCI DSS, ISO 27001, NIST, GDPR) and best practices.

• In-depth understanding of application, infrastructure, and network security (including OWASP Top 10).

• Professional certifications such as CISSP, CISM, CISA (OSCP a plus).