Information Security Specialist/Senior Specialist

Apply now »

Date: Jul 28, 2025

Location: Tirana, BKT ALBANIA

Company: BKT

Purpose of the Role

To support the implementation and continuous improvement of the Information Security Program by ensuring the confidentiality, integrity, and availability of the bank’s information assets. The role contributes to the governance, risk management, and operational security posture of the organisation.

 

Key Responsibilities

Information Security Governance

  • Support the implementation of the Information Security Governance Framework.
  • Assist in the development, review, and enforcement of security policies, standards, and procedures.
  • Ensure compliance with internal policies and external regulations (e.g. GDPR, ISO/IEC 27001).

Risk Management

  • Participate in risk identification, assessment, and treatment activities.
  • Contribute to the development and maintenance of the Information Security Risk Register.
  • Support the execution of risk treatment plans and monitor mitigation effectiveness 

Security Operations

  • Monitor security events and alerts using SIEM tools (e.g. Splunk).
  • Assist in vulnerability assessments and coordinate remediation with relevant teams 
  • Support incident response activities and maintain incident documentation.

Business Continuity & Disaster Recovery

  • Collaborate in the development and testing of Business Continuity and Disaster Recovery Plans.
  • Participate in scenario-based exercises and ensure documentation is up to date 

Awareness & Training

  • Promote a culture of security awareness across departments.
  • Deliver or support training sessions on data protection and secure practices 

Collaboration & Reporting

  • Liaise with internal stakeholders and external authorities (e.g. National Cyber Security Authority).
  • Prepare reports and dashboards for ISD management and regulatory bodies.

Required Qualifications

  • Bachelor’s degree in information technology, Cybersecurity, or related field.
  • Minimum 2–3 years of experience in information security, IT audit, or risk management.
  • Familiarity with ISO/IEC 27001, NIST, GDPR, and other relevant frameworks.
  • Experience with security tools such as SIEM, DLP, vulnerability scanners.

Preferred Certifications

  • CISA, CISM, CDPSE, ISO 27001 Lead Implementer/Auditor, or equivalent.

Key Competencies

  • Strong analytical and problem-solving skills.
  • Excellent verbal and written communication.
  • Ability to work independently and in cross-functional teams.
  • High ethical standards and attention to detail.

 

Interested candidates are encouraged to apply until 11.08.2025 

All applications will be treated with the highest confidentiality. Only candidates that meet our criteria will be notified.