Global Director Of It Security Milano

Global Director Of It Security
Milano
Lombardia, Milano

GLOBAL DIRECTOR OF IT SECURITY

- (hybrid work setup from any location worldwide) _

**The Opportunity

We have an exclusive mandate from **gategroup to search and select the Global Director of IT Security.

This is a unique career opportunity to join a global player in the aviation industry and to make impactful changes in the company and in the aviation industry.

**The Company

gategroup is the global leader in airline catering, retail-on-board and hospitality products and services.

In 2019, gategroup reached CHF 5. 0 billion in revenues generated by approximately 43, 000 employees worldwide.

**Your mission

- Challenge, guide and support the leadership of the Cyber Security department in delivering the best possible IT Security solutions to gategroup.

- Ensuring that the roadmap for future security technologies focuses on the right priorities and is understood and adopted across the company.

- Subject Matter Expert on various Application, Infrastructure, and Enterprise Security topics

- Partner with leaders across the organization and lead the journey for a Security and risk program for the company

- Be hands-on and ensure operational risk management efficiencies across the enterprise, with target industry regulations including PCI, SOX, GDPR and CCPA.

**Main Duties and Tasks**:

- **Create, manage, and motivate a security team to cover worldwide security requirements and incidents**:

- Develop, plan, implement and provide oversight of an enterprise security program and roadmap

- Ensure continuity of security controls

- **Establish a vision for governance and reporting **and ensure the development of an ERM program

- Support the implementation and on-going management of the corporate risk framework for standards and practices relative to **operational risk management**:

- **Lead the security incident detection **and response program with a hands-on attitude

- **Design audit procedures **and monitoring solutions

- Maintain a working knowledge of SOX, PCI DSS, GDPR and CCPA

- Develop and implement information security and disaster recovery programs in accordance with organizational information security standards

**Your Qualifications

- Deep understanding of the market landscape for enterprise technology solutions.

- Experience managing vendor relationships and contract administration with a focus on performance.

- Thrives on change, showing an **impressive ability to drive the IT security strategy forward.

**:

- Expert, high-level knowledge of legacy and emerging technology landscape.

- **Understanding of key infrastructure technologies and associated architectural considerations.

**Education**:

Bachelor's degree or an equivalent combination of education and experience is required.

**Work Experience**:

- 10+ years experience in designing, delivering, or managing information security services at an enterprise level.

- Technical hands-on experience across security domains

- Experience in planning, implementing, and assisting in testing security controls.

- Effective organizational skills (including attention to detail) and the ability to implement change.

**Technical Skills**:

- Experience and deep knowledge of relevant legal and regulatory requirements, such as Export Control regulations and General Data Protection Regulation (GDPR).

- Strong knowledge and understanding of security frameworks, including ISO27001, CoBIT, Center for Internet Security (CIS), and ITIL.

- CISSP, CISSP-ISSAP, CISM desired.

- Hands-on in infrastructure security: network security - firewall security as a service - Data infrastructure - Applications (optional)

- Good understanding of risk management - security audit and internal audit - implementation of frameworks - Policy setting

- Experience of Operations processes KPIs

- Incident response experience

- dynamics 365 knowledge ( Optional)

**Communication Skills**:

- Excellent communication skills including strong verbal presentation skills.

- Ability to communicate security concepts to a technical and non-technical audience and able to interact with all levels of the organization.

- Exhibits self-motivation to perform to the highest standard of excellence.

**Job Dimensions

**Geographic Responsibility**: Global

**Type of Employment**:Full-Time

**Number of Direct Reports**:3-5 / **Estimated Total Size of Team**:5-6

**Travel %**:International travel up to 30% (not mandatory)

**Internal Relationships**:All management levels, peers, and business customers /

**External Relationships**:Vendors, business partners, technology consultants

**Budget / Revenue Responsibility**:$2MM