Chief Information Security Officer Lazio

Chief Information Security Officer
Roma
Lazio, Lazio

Security management certification (CISM, CISSP); Information security management frameworks (ISO/IEC 27001, NIST); Financial frameworks (PSD2, SWIFT Security Programme, Circ.

285); Contract and vendor negotiations; Agile software development; Cloud Computing/Elastic Computing across virtualised environments;

We are looking for someone who will:

- Develop and enhance an information security management framework

Provide leadership to the enterprise's information security organization

- Partner with business stakeholders across the company to raise awareness of risk management concerns

- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems

**Tasks

-

Security operations**: Real-time analysis of immediate threats, and triage when something goes wrong

-

Cyber risk and cyber intelligence**: Keeping abreast of developing security threats, and helping the board understand potential security problems that might arise from acquisitions or other big business moves

-

Data loss and fraud prevention**: Making sure internal staff doesn't misuse or steal data

-

Security architecture**:Planning, buying, and rolling out security hardware and software, and making sure IT and network infrastructure is designed with best security practices in mind

-

Identity and access management**: Ensuring that only authorised people have access to restricted data and systems

-

Program management**: Keeping ahead of security needs by implementing programs or projects that mitigate risks, i. e.

regular system patches

-

Investigations and forensics**: Determining what went wrong in a breach, dealing with those responsible if they're internal, and planning to avoid repeats of the same crisis

-

Governance**: Making sure all of the above initiatives run smoothly and get the funding they need—and that corporate leadership understands their importance

**Skills

- Degree in business administration or a technology-related field required

- Professional security management certification (ex.

CISM, CISSP)

- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST

- Knowledge of common financial frameworks, such as PSD2, SWIFT Security programme, Circ.

285

- Excellent written and verbal communication skills and high level of personal integrity

- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams

- Experience with contract and vendor negotiations and management including managed services

- Specific experience in Agile (scaled) software development or other best in class development practices

- Experience with Cloud computing/Elastic computing across virtualised environments

**Competencies

- Communication and presentation skills

- Policy development and administration

- Negotiation skills

- Knowledge about the state government

- Collaboration and conflict management skills

- Planning and strategic management skills

- Supervisory skills

- Incident management

- Knowledge of regulation and standards compliance

- Risk assessment and management

- Fluent in Italian and English