The position is based in Rome. Reporting to the CIO and collaborating with the CTO, the candidate will be the responsible for Information Systems & Technology's security and compliance. She/he monitors and address any digital information issue, by implementing policies, procedures and actions aimed to improve security both on Infrastructure and Application sides and operating daily to prevent risks coming from inside or outside the Company.
- Define and implement the IT Security strategy, integrating Group policies and recommendations in order to to improve security both on Infrastructure and Application sides;
- Apply the Security & Privacy by Design policy, interacting with DPO, IT Managers, Business Owners;
- Conduct continuous assessment on IT Security practices and systems, identifying areas of improvement;
- Run security audits and risk assessments, to guarantee compliance to internal/external regulations;
- Collaborate to definition, application and monitoring of Segregation-of-Duties approach
- Oversee the investigation of reported security breaches, interacting with Group SOC
- Maximize security awareness throughout the entire Company and communicate periodically to key stakeholders about security initiatives and threats.
- University degree in Computer Engineering, Information Technology, or equivalent;
- 5 to 7 years of previous working experience in a similar role, focusing on IT Security management, System & Network administration;
- Deep knowledge of security concepts, related to DNS, routing, authentication, proxy services;
- Good knowledge of secure coding practices, threat modeling, intrusion detection;
- Requested certifications: ISO27001, Audits CISA, CRISC, COBIT5;
- Fluent Italian and proficient English level;
- Exceptional project management, organization and interpersonal skills.