Ixaris’ ambitious growth plans demand an Information Security Engineer to support our team, which currently serves customers in over 50 countries. Ixaris helps companies make smarter payment choices, processing $billions in outbound payments for sectors including travel, media and insurance.
If you want to work in a company where security is valued by every individual — read on.
Our Information Security Engineer works across teams to ensure that both security and compliance are maintained at all times, protecting our business and customer data. They also engage with third parties to perform security assessments and audits. This role forms part of our Information Security Team, which is responsible for the continuous maintenance and improvement of overall security posture, technology risk management and regulatory compliance.
Reporting to the Head of Information Security, this role is tasked with the following key deliverables:
- Responsible for planning, organising and supervising PCI DSS audits, as well as leading PCI DSS activities
- Performing business impact / risk assessments and assisting with the security awareness programme
- Assist in the design and implementation of the company information security framework
- Continuously monitor and analyze security alerts, audit logs and reports
- Conduct and coordinate penetration testing exercises and vulnerability assessments internally and with external testers
- Perform regular auditing and investigations to identify potential or confirmed security incidents
- Report and follow up on incidents with team members and escalate with management where necessary
- Recommend mitigations and counteractions to risks, vulnerabilities and threats
- Vet new applications and modifications with production owners and developers to identify possible risks
- Drive, investigate, procure and eventually deploy operating and monitoring tools to enhance information security
- Document and review policies and procedures including change, incident, patch and configuration management
- Coordinate, document and participate in the development of the business disaster recovery and business continuity plans
- Assist with the ongoing maintenance of regulatory requirements
- Manage the security awareness training programme for employees while continuously providing security knowledge and tips to teams across our company
- Monitor the effectiveness of information security processes and controls
- Engage in the security community and keep abreast of information security incidents
- Perform other security-related duties as necessary
- Degree in Computer Science, Information Systems or other IT related area
- 3+ years experience in a similar role
- In-depth understanding of the PCI DSS standard with experience of running an internal PCI DSS programme or consulting with PCI DSS,
- Experience working with and knowledge of laws and regulations such as the EU Data Protection (GDPR) and the Revised Directive on Payments Services (PSD2)
- Knowledge of operating system fundamentals (Windows, Linux), security technologies (firewalls, IDS/IPS, etc.) and associated security risks
- Deep understanding of common coding security vulnerabilities
- Ability to quickly adapt to changing environment and to work on own initiative with minimal supervision
- Information Security Certifications (such as Security+, Ethical Hacking, CISA, CISM, CRISC) are considered an asset
- Ability to travel regularly to our office in Malta
From launching Europe’s first virtual cards to shaping the future of payments, innovation is in Ixaris’ DNA. Combining a consultative approach with the award-winning Ixaris Payments platform, Ixaris is a Principal Issuing Member of Visa and Mastercard, with customers in more than 50 countries.