It Security Governance & Compliance Manager Milano

It Security Governance & Compliance Manager
Milano
Lombardia, Milano

Founded in 1913 in Italy, the Prada Group was built on a tradition of excellence and with a vision of innovation.

The Group, a world leader in the luxury sector, operates in more than 45 countries with the PRADA, Miu Miu, Church's and Car Shoe brands, and has employees of over 100 nationalities. -

- Joining our Company means working in a creative and international environment, with teams of people motivated by curiosity and the quest for excellence.

The engine of our success is the importance and value that we place on the talent and passion of our people leading to their own professional growth.

**JOB PURPOSE**:

- _

- Reporting directly to the CISO, the IT Security Governance & Compliance will support the Group CISO to develop the information security strategy and security road map, ensuring that the overall approach to information security is aligned with Group policies and objectives and international best practices. -

- The role is approx.

30% a technical role (mostly related to vulnerability, penetration and firewalling issues) and a 70% related to governance and compliance, drafting and implementing the relevant policies.

**RESPONSIBILITIES

***- More specifically, the key tasks include:

- Driving the strategy process for information security, including preparing prioritized road maps, in close collaboration with the CISO and IT executives

- Developing and maintaining the information security governance framework

- Developing and monitoring the information risk management framework

- Developing and reporting on information security performance through key security metrics

- Performing regular threat landscape assessments for executive management

**KNOWLEDGE AND SKILLS

- A bachelor's degree in information security or a related field is required- At least 6 years of work experience within an IT governance or IT audit-related field- Excellent knowledge of IT governance best practices, and experience in assessing and implementing IT standards- Ideally certified in IT Security domain (CISA, CISM, CISSP etc.

)- Experience in implementing and managing business continuity plans (BCPs)- Strong analytical skills and attention to detail- Ability to work independently and also within a team environment- Have effective communication skills including written, verbal, and presentation- Fluency in English