Cyber Risk Analyst Venezia

Cyber Risk Analyst
Venezia
Veneto, Venezia

The role is part of the Cyber Security function, the candidate will be responsible for supporting the area in the adoption, management and evolution of corporate solutions in the Cyber Risk management topics and will collaborate with the corporate structures to conduct risk assessment and directing risk monitoring plans and related remediation. Main responsibilities:Implement a risk-based approach to prioritize development of secure patterns for high-risk assets or activities. Update Sky risk management process in accordance with the industrial best practices and with Sky Policy. Cooperation with the group structures for cyber risk management activities. Use of the corporate cyber risk management platform to manage the cyber risk register. Continuously update the risk management process in accordance with the industrial best practices and with the company Policy. Management of Exceptions process to policies, standards and guidelines. Monitoring and reviewing security controls to identify their operational effectiveness. Facilitate audits and remediations of any findings noted in cyber security dept. Support on cyber security compliance on GDPR, SOX and PCI/DSSProvide reporting to management for all aspects of Cyber Risk as required. Metrics and Reporting:Creation of reports on the status of risks, KRIs and managing communication in the Enterprise Risk Committee meetings. Development of visual dashboards that board directors can use to monitor risksControl of the effectiveness of the metrics adopted. Requirements:Proved experience in similar roles, gained in consulting companies and / or large companies in the ICT sector in relation to cyber risk management projects. Master degree in Computer Science or Telecommunication Engineering. Knowledge of the landscape of norms and standards in the privacy / information security field (HIPAA, NY DFS, GDPR, CCPA, ISO / IEC 27000, NIST, PCI DSS, etc.

)Knowledge of the main Risk Management / Control Frameworks (COSO, COBIT, ISO, ITIL, NIST, FAIR, etc.

). Able to articulate cyber risk management concepts to a wide range of recipients. Excellent knowledge of cyber risk management tools and experience in using some of them. Excellent understanding of ICT services and architecturesThe achievement of CISSP, CISA, CISM, SANS GIAC, SABSA certifications will be considered a preferential title. Languages: Italian, EnglishSoft skills:Excellent verbal and written communication skillsAbility to constructively and proactively interact with all the stakeholders, respecting the work needs and the role of each. Flexibility, autonomy, speed; proactive and highly assertive candidate, with a strong goal orientation.

#J-18808-Ljbffr