Cyber Risk Analyst Milano

Cyber Risk Analyst
Milano
Lombardia, Milano

Sky Explore a career at Sky, Europe's leading media and entertainment company. Make a positive impact on millions. The role is part of the Cyber Security function, the candidate will be responsible for supporting the area in the adoption, management and evolution of corporate solutions in the Cyber Risk management topics and will collaborate with the corporate structures to conduct risk assessment and directing risk monitoring plans and related remediation. Main responsibilities: Implement a risk-based approach to prioritize development of secure patterns for high-risk assets or activities. Update Sky risk management process in accordance with the industrial best practices and with Sky Policy. Cooperate with the group structures for cyber risk management activities. Use the corporate cyber risk management platform to manage the cyber risk register. Continuously update the risk management process in accordance with the industrial best practices and with the company Policy. Manage the Exceptions process to policies, standards and guidelines. Monitor and review security controls to identify their operational effectiveness. Facilitate audits and remediations of any findings noted in the cyber security department. Support on cyber security compliance on GDPR, SOX and PCI/DSS. Provide reporting to management for all aspects of Cyber Risk as required. Metrics and Reporting: Create reports on the status of risks, KRIs and manage communication in the Enterprise Risk Committee meetings. Develop visual dashboards that board directors can use to monitor risks. Control the effectiveness of the metrics adopted. Requirements: Proven experience in similar roles, gained in consulting companies and/or large companies in the ICT sector in relation to cyber risk management projects. Master's degree in Computer Science or Telecommunication Engineering. Knowledge of the landscape of norms and standards in the privacy/information security field (HIPAA, NY DFS, GDPR, CCPA, ISO/IEC 27000, NIST, PCI DSS, etc. ). Knowledge of the main Risk Management/Control Frameworks (COSO, COBIT, ISO, ITIL, NIST, FAIR, etc. ). Able to articulate cyber risk management concepts to a wide range of recipients. Excellent knowledge of cyber risk management tools and experience in using some of them. Excellent understanding of ICT services and architectures. The achievement of CISSP, CISA, CISM, SANS GIAC, SABSA certifications will be considered a preferential title. Excellent verbal and written communication skills. Ability to constructively and proactively interact with all stakeholders, respecting the work needs and the role of each. Flexibility, autonomy, speed; proactive and highly assertive candidate, with a strong goal orientation. J-18808-Ljbffr