Information Security Specialist GENOVA

Information Security Specialist
Genova
Liguria, GENOVA

Job Description - Information Security Specialist (2500001M)

Information Security Specialist - ( 2500001M ) Step into a world of endless possibilities, together let's leave something for the future! At IIT, we are committed to advancing human-centered Science and Technology to address the most urgent societal challenges of our era.

We foster excellence in both fundamental and applied research, spanning fields such as neuroscience and cognition, humanoid technologies and robotics, artificial intelligence, nanotechnology, and material sciences, offering a truly interdisciplinary scientific experience.

Our approach integrates cutting-edge tools and technology, empowering researchers to push the limits of knowledge and innovation.

With us, your curiosity will know no bounds.

We are dedicated to providing equal employment opportunities and fostering diversity in all its forms, creating an inclusive environment.

We value the unique experiences, knowledge, backgrounds, cultures, and perspectives of our people.

By embracing diversity, we believe science can achieve its fullest potential.

THE ROLE The Istituto Italiano di Tecnologia is seeking talented and driven individuals to help shape innovative data protection and cybersecurity strategies and policies.

We welcome both experienced professionals in cybersecurity and motivated candidates with a solid academic background who are eager to grow and develop their skills.

You will join a dynamic, multi-disciplinary team where experts from diverse fields collaborate to drive research and innovation forward.

As a Senior Cybersecurity Specialist, you will be a key figure in strengthening the security posture of our cutting-edge research activities.

Your main responsibilities will include:

Leading cyber risk assessment initiatives and ensuring compliance with international security standards (ISO 27001, NIST, GDPR, NIS Directive);Managing and optimizing SIEM solutions, analyzing security logs, and identifying potential threats;Defining and implementing cybersecurity policies, collaborating with various stakeholders to enhance security governance;Supporting certification and audit processes, ensuring adherence to regulatory requirements;Conducting vulnerability assessments and working closely with IT teams to mitigate security risks;Driving cybersecurity awareness and training programs to enhance security culture across the organization. ESSENTIAL REQUIREMENTS Degree in Computer Science, Information Security, or equivalent experience in Cyber/Information Security;At least 3 years of experience in cybersecurity, with a focus on risk management, governance, and regulatory compliance;Knowledge of security frameworks and regulations, including ISO 27001, NIST (800-53, CSF), GDPR, NIS2 Directive, and other relevant security standards;Hands-on experience with SIEM platforms (e. g. , Microsoft Sentinel, Splunk, QRadar) and security monitoring tools;Experience in cyber risk assessment methodologies (e. g. , FAIR, OCTAVE, ISO 27005) and incident response (L2/L3 escalation handling);Proficiency in vulnerability management tools (e. g. , Tenable, Qualys, Rapid7) and ability to interpret findings for risk mitigation;Strong understanding of security event triage, threat intelligence, and correlation rules tuning within a SIEM;Knowledge of endpoint security solutions (EDR, XDR), firewalls, and cloud security controls (e. g. , Azure Security Center, AWS GuardDuty);Excellent command of written and spoken English;Strong communication skills, with the ability to explain security risks and mitigations to technical and non-technical stakeholders. ADDITIONAL SKILLS Previous experience in research environments, SOC/CERT teams, or regulatory-driven organizations;Security certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer;Experience in third-party risk assessment and vendor security audits, including contract review for cybersecurity requirements;Practical experience with scripting or automation (Python, PowerShell, Bash) for security operations. COMPENSATION PACKAGE A yearly gross salary ranging between 40000 and 50000 euros, which includes a bonus option in a range between 15% and 20% of the real salary;Private health care coverage (depending on your role and contract);Wide range of staff discounts;Flexible work arrangements: up to 10 days per month of remote work (on request) to support work-life balance;Flexible working time;Candidates from abroad or Italian citizens who permanently work abroad and meet specific requirements may be entitled to a deduction from taxable income of up to 90% from 6 to 13 years. Please submit your application using the online form and including a detailed CV and a cover letter. OrganizationInformation and Communication Technology Directorate

#J-18808-Ljbffr