Security Analyst

Malta
Training
Full-time

1 month ago

Overview:SOFTSWISS continues to expand the team and is looking for a Security Analyst. We need a true, experienced, and accomplished professional who shares our culture and values.Purpose of the role:You’ll be the connective tissue between security strategy and execution across a multinational company operating in regulated markets across multiple jurisdictions. This isn’t a checkbox audit role - you’ll own the security assessment lifecycle for systems and processes, define security requirements and hold teams accountable to them, and coordinate work across specialized security teams to drive outcomes on cross-cutting initiatives. You’ll work closely with business and technical stakeholders who move fast, and your job is to make sure security moves with them rather than behind them.Key responsibilities:

Own the security assessment lifecycle for new and existing systems, tools, and integrations - from initial scoping and risk identification through requirements definition to remediation verification
Create clear, actionable security requirements for systems and processes, and verify that implementations meet those requirements - closing the loop rather than just filing findings
Decompose complex security initiatives into concrete workstreams and coordinate their execution across specialized security teams (e.g., infrastructure security, application security, SOC), driving alignment without direct authority
Collaborate with business and technical owners to understand system purpose, data flows, and trust boundaries, translating what you find into risk language that stakeholders actually act on
Review and challenge access models as part of system assessments, ensuring permissions reflect need-to-know principles and don’t silently expand over time
Contribute to strategic security projects - data security, AI governance, and other emerging areas - as both an analytical resource and a coordinator
Develop and maintain security policies and guidelines for software and technology usage across the organization

Required Experience:

3+ years of hands-on experience in cybersecurity, with meaningful exposure to security assessments, risk analysis, or GRC functions
Demonstrated ability to assess systems and integrations end-to-end - not just identifying risks but defining what “fixed” looks like and verifying it got done
Working knowledge of risk assessment methodologies, access control principles, and at least one major governance framework (ISO 27001, NIST CSF, or equivalent)
Experience operating in or alongside regulated industries - financial services, fintech, or similar high-compliance environments strongly preferred
Ability to coordinate across multiple teams and stakeholders without formal authority - you influence through clarity, preparation, and follow-through
Strong written and verbal communication in English - you’ll be drafting requirements, writing assessments, and presenting findings to both technical teams and business leadership

Nice to have:

Experience in multinational or multi-entity environments where regulatory landscapes vary across jurisdictions
Familiarity with AI governance, including practical challenges around shadow AI, third-party AI services, and emerging regulatory requirements (EU AI Act, etc.)
Background in data security strategy or classification - understanding how data flows across systems and where controls should sit
Track record of taking ambiguous, high-level security objectives and breaking them into structured, executable plans

Main Advantages

Private insurance (depending on contract type)
Paid gym membership
Comprehensive Mental Health Program
Free English lessons (online)
Local language courses
+1 day off per calendar year
Referral program rewards
Upskilling, internal workshops, and participation in professional conferences and corporate events

Softswiss

Apply Now