Governance Risk & Compliance Junior Consultant
Posting Date**:6 Sep 2024**City**:Roma**Location**:Roma, IT, 144
- Genova, IT, 16129**Contract Type**:Permanent**Division**:Cyber Security and Management Consulting**Level of experience**:Junior- RINA is currently recruiting for a **Governance Risk & Compliance Junior Consultant** to join its office in **ROME OR GENOA** within the Cyber Security and Management Consulting Division.
**Mission
- We are currently looking for a **Governance Risk & Compliance Junior Consultant** to expand our technical team.
**Key Accountabilities
- The person will be in charge of technical activities such as:
- Identify security risks within organizations and complex systems/architectures;
- Design security measures and provide recommendations or suggestions to improve security
postures;
- Verify compliance versus laws, regulations and standards pertaining security and
cybersecurity;
- Provide support to Customers in cybersecurity related activities;
- Draft technical reports (often in English language);
- Maintain and update the RINA cybersecurity guidelines and assessment methodologies;
- Support the business development from a technical point of view, drafting technical offers and
detailing services.
- Coordinate the work of junior staff (where applicable).
**Education
- Master's Degree in Computer Engineering or Cyber Security
**Qualifications
- Requirements:
- Knowledge of laws, regulations, international standards and best practices (e. g.
GDPR, ISO27k family, NIST Cybersecurity Framework, NIS Directives, ISA62443, Common Criteria/ISO15408, etc.
);
- Previous experience in Governance, Risk & Compliance activities for IT/OT security topics;
- Ability to identify and analyze information security risks within different contexts;
- Strong problem-solving ability;
- Excellent verbal and written communication skills - Italian and English as a minimum;
- Flexibility and ability to multi-task in a fast-paced atmosphere with frequent context-switching;
- Availability to travel within the Country and abroad.
- Desired Requirements:
- One or more security certifications/qualifications: e. g.
ISO270001 Qualified Lead Auditor, GIAC/GICSP or ISA62443 related certifications, ISACA CISM/CISA/CRISC, ISC2 CISSP, Data Protection Officer, etc.
- Knowledge of security tools/platforms such as: vulnerability assessment tools, penetration tests
Detection, Intrusion Prevention/Detection Systems (IPS/IDS), Endpoint Protection Platforms (EPP,
but also EDR, MDR and XDR services), technologies related to code security analysis, Web Application Firewall (WAF), Security Orchestration Automation and Response (SOAR), Security Information and Event Management (SIEM) and Governance Risk Compliance (GRC).
- Previous experiences in security certification processes of information security management systems (wrt ISO/IEC 27001) or IT/OT products (wrt Common Criteria or ISA62443) will be considered as a plus.
**Competencies
- CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction
- EARN TRUST - Take everyone's opinion into account and remain open to diversity
- PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model
- MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions
- PIONEER CHANGE - Actively embrace change and benefit from the new circumstances
- BUILD NETWORK - Forge trust relationships, across departments, and outside the organization
- MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint
- ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way
- THINK FORWARD - Capitalise on experiences and translate them into action plans for the future
- With over 5, 600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors.
Our business model covers the full process of project development, from concept to completion.
The aim is to guarantee a project's technical, environmental and safety - and sometimes also economic and financial - sustainability. - At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas.
We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind.
We are also compliant to the Italian Law n. 68/99. _
Diventa il primo a rispondere a un'offerta di lavoro!
-
Perché cercare un lavoro con PostiVacanti.it?
Ogni giorno nuove offerte di lavoro È possibile scegliere tra un'ampia gamma di lavori: il nostro obiettivo è quello di offrire la più ampia selezione possibile Ricevi nuove offerte via e-mail Essere i primi a rispondere alle nuove offerte di lavoro Tutte le offerte di lavoro in un unico posto (da datori di lavoro, agenzie e altri portali) Tutti i servizi per le persone in cerca di lavoro sono gratuiti Vi aiuteremo a trovare un nuovo lavoro