Position summary:

Information Security Officer will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks.

UNITED BANK OF ALBANIA (UBA) is seeking to employ a qualified, dynamic and motivated candidate to join Risk Department in Head Office TIRANA.

Job Tasks and Responsibilities:

1. Preparation and continuous improvement of the Information Security Policy, standards and other supporting documentation in the field of information security;
2. Monitoring compliance of security policies and procedures among employees, contractors and third parties.
3. Performing information security risk analysis and ongoing analysis of threats, vulnerabilites and security controls related to the security of information;
4. Responsible for defining the IT security strategy, as well as determining new or adjustment the current IT security measures, in accordance with the Bank’s strategic security documents;
5. Responsible for managing the process of Business Continuity Management (BCM) and follow-up the activities related to the BCM (such as disaster recovery, back-up procedures and system recovery from back-up);
6. Setting up Cyber Security Incidents Response Plan and Creation of internal procedures for security incidents and actions in case of appearance of the same within the Bank;
7. Development of Training and Awareness Program on Information Security Coordination of measures to increase the awareness of the Bank employees related to security of information;
8. Managing risks related to outsourcing;
9. Periodical reporting to the superiors on the information system security status on the planning and implementation activities;
10. Control of system logs related to Information security;
11. Takes care of users rights (privileges), procedures on assigning the privileges and ”conflict of interest”, as well as whether these are assigned or revoked timely and correctly;
12. Follows (or even keeps) register of the operational risks related to the information security (delay/shutdown of the core banking system, other incidents related to IS having impact on bank business etc.);
13. Conducts and follows up penetration tests and vulnerability tests, and monitors whether the indicated defaults/errors are eliminated;
14. Responsible for information security aspect in change management process;
15. Participates in the analysis of new products from the risks and security aspect;
16. Evaluate and recommend new information security technologies and counter-measures against threats to information or privacy.
17. Ensuring that all IT and information security programs are in compliance with applicable laws, regulation and polices.
18. Monitors the compliance with Data Protection Laws and Regulations and is part of the team established for this purpose;
19. Participates and report related to Secuirty isuess in IT Committee Meetings and in BCM Committe Meetings;

Job requirements:

1. Relevant University
2. At least 3 years solid experience working in IT and/or Information
3. As a professional, to fit the profile of a strong organizer and
4. Highly proficient in English
5. Excellent knowledge in IP protocol and network security technologies;
6. Strong adaptability and curiosity in new technological practices or new solutions
7. Personality described as both driven and structured and analytical
8. Excellent relationship management and networking
9. Sensitive to organizational needs and interests to a high
10. Professional certification is preferred (such as CISSP, CISM, CISA or other information security credentials).
11. Knowledge of information security and control frameworks such as ISO 27001, ISO 27002, ISO 27005, COBiT, COSO and ITIL.

The interested candidates should present the detailed Curriculum Vitae to the Human Resources Department, before July 31, 2022.

Only the candidates that meet the criteria will be contacted for the interview.