It Cybersecurity Governance Specialist
CRIF is a company specializing in credit bureau and business information, outsourcing and processing services, and credit solutions.
Established in 1988 in Bologna (Italy), CRIF has an international presence, operating over four continents (Europe, America, Africa, and Asia). More than 10, 500 financial institutions, 600 insurance companies, 82, 000 business clients, and 1, 000, 000 consumers use CRIF services in 50 countries daily. The Cybersecurity function is part of Global Technologies, the CRIF IT division, with over 1500 professionals distributed in 15 countries, managing 29 datacenters and 12 development hubs, committed to delivering value to businesses, driving corporate Digital Transformation through the planning, development, and implementation of end-to-end solutions, adopting leading technologies and methodologies. The mission of the Cybersecurity team is:Protect corporate technological assets through Managed Security Services provided to Crif Group, globally. Enable the Business, providing security consultancy in projects and audits. Improve corporate processes and Enterprise Architecture to achieve a higher Security PerformanceThe IT Cybersecurity Governance and Advisory Specialist, will find at Crif a challenging, dynamic, fast growing and multicultural environment. IT Cybersecurity Governance SpecialistWe are looking for a highly talented individual to work in the CRIF Cybersecurity function at global level.
He/She will help the organization moving a step forward in cybersecurity governance.
Collaborating with the Chief Information Security Officer, IT Cybersecurity Team and Managers, the IT Cybersecurity Governance Specialist will work close with the other IT Functions and company departments contributing to reduce our cyber security risks by ensuring our departments are empowered and aware about policy, process, information and risk to keep our technology systems and the whole company safe and secure.
This position is ideal for someone who is highly passionate about cybersecurity and compliance, and enjoys constantly learning and sharing. Your Key Responsibilities:Reporting to the CRIF Cybersecurity Manager you will be responsible for the following:Assist in Vendor and Third-Party Cybersecurity Management through assessments, audits, and periodic reviews. , to ensure compliance with our cybersecurity standards and validate security clauses in contracts;Support the development, implementation, and revision of Global Technologies Cybersecurity policies , controls, and metrics to ensure compliance with Crif Corporate Policies;Coordinate with Global Technologies functions to ensure security requirements and controls align with technical needs, constraints, and technology changes;Work hand in hand with the Cybersecurity teams worldwide, to build and maintain a unified cybersecurity strategy aligned to global business requirements as well as local regulatory and technological constraints;Provide expert input to Global Technologies IT Governance functions, to effectively embed security requirements in core IT processes. Maintain regular engagement and proactive partnership with Crif business and staff functions to provide expert cybersecurity guidance in company-wide initiatives, such as Cybersecurity Awareness programs, MergerAcquisition integration programs, and new business initiatives;Support customer relationship, facilitating audits and the provision of responses for client requests / questionnaires related to cybersecurity matters. Support CRIF Internal Audit function, coordinating cybersecurity activities and assisting the closure of audit findings; conduct ongoing monitoring of the operating effectiveness of Cybersecurity controls and prepare management reporting of results. Your Skills and Experience:2+ years of professional experience in Cybersecurity Governance. Experience in the following positions would be beneficial : Cybersecurity Advisory, Cybersecurity Project Program Management, Risk Control Evaluation, IT Governance. Strong knowledge of information security principles, frameworks and best practices, and the ability to apply those principles in clear and articulate way; experience in understanding regulatory and industry standards such as PCI, ISO standards, NIST framework, NIS directive, GDPR, DORA, etcHands-on experience in authoring security policies, developing standards, and deploying Security Compliance solutions to manage and measure the cyber risk posture effectively;Solid understanding of Cybersecurity activities, in a mix of areas, including IT Infrastructure Network Security, Cloud Security, Application Security, Endpoint Security, Security Operations and Incident Response, DevSecops, and Data Security;Proven ability to map and understand complex relationships and interactions between Enterprise Architecture, business direction, emerging cybersecurity trends and technologies;The candidate must be a self-starter comfortable with ambiguity, with strong attention to detail, ability to work in a fast-paced, high-energy, and ever-changing environment;Strong communication and collaboration skills, ability to explain complex concepts in plain language and graphics. Work Location: Bologna
Diventa il primo a rispondere a un'offerta di lavoro!
-
Perché cercare un lavoro con PostiVacanti.it?
Ogni giorno nuove offerte di lavoro È possibile scegliere tra un'ampia gamma di lavori: il nostro obiettivo è quello di offrire la più ampia selezione possibile Ricevi nuove offerte via e-mail Essere i primi a rispondere alle nuove offerte di lavoro Tutte le offerte di lavoro in un unico posto (da datori di lavoro, agenzie e altri portali) Tutti i servizi per le persone in cerca di lavoro sono gratuiti Vi aiuteremo a trovare un nuovo lavoro