It Security Governance Specialist trieste

It Security Governance Specialist
Trieste
Friuli Venezia Giulia, trieste

Generali is a major player in the global insurance industry - a strategic and highly important sector for the growth, development and welfare of modern societies.

Within the Group IT Security Governance area we are looking for a IT Security Governance Specialist.

The IT Security Governance Specialist, part of the IT Security Governance unit, supports group cyber security strategy oversight through the monitoring of the implementation of the Security initiatives, projects and programs necessary to improve the security posture of the Group, in line with the organization's risk appetite.

In addition he/she will support the definition and implementation of the security organization, of the security strategy and of security regulation at Group level.

The role complements its task with the coordination and monitoring of ICT strategy definition and implementation monitoring as well as the Cloud Policy definition and monitoring.

Finally, he/she will coordinate and support the Group companies in the implementation of the Group Outsourcing Policy and the continuous maintenance of the Outsourcing Policy and its implementation in Assicurazioni Generali SpA.

Key responsibilities of the role will include:

- Defines the Group cyber security strategy and regulation (policies, guidelines) related to IT/Cyber Security

- Establishes adequate security organization at Group level

- Coordinate, support and monitor the status of implementation of Group strategy and regulation at local level

- Support and monitor the status of implementation of Group strategy and regulation at local level preparing periodic executive reports and KPI reports

- Establish and maintain a strong Project Portfolio Management tool, as well as monitor the progress, issues, risks and costs of the security initiatives

- Manage security checks and compliance with regulation about security

- Manage security maturity assessments, based on leading information security standard (NIST Framework), at Group level in order to evaluate maturity levels

- Ensure adoption of security measures in new solutions according to the security by design principle

- Ensure adequate alignment at Group level about security activity

- Monitors changes on the security landscape in terms of emerging risks, regulatory compliance, new technologies and cross industry/national cyber security initiatives

- Defines and develops Group Regulation for management of Business Continuity and IT Disaster Recovery, Outsourcing and Cloud, supervises the implementation at Group level and in Assicurazioni Generali SpA

- Supports the definition of the ICT strategy plan and its implementation monitoring

The role implies frequent contacts at an international level with Generali Group companies in the different countries and regions where the Group operates.

Must have

- 2-3 years of experience in IT/Cyber Security in international group or major consulting firms; specific experience in financial services industry would be a plus

- Degree-level education (Engineering, Computer Science or equivalent)

- Extensive experience on information security governance, IT risk management, regulatory compliance (e. g.

GDPR) and audit procedures

- Basic technical knowledge and experience on security technologies (like Endpoint protection, Mobile Security, Data Protection, Cloud Security, etc. )

and on cyber security capabilities (SIEM, SOC, CERT, Vulnerability Management, Threat intelligence etc.

)

- Experience as project manager

- Strong knowledge of main Information Security standards and framework (ISO27001, ISO22301, ISF, NIST, COBIT etc.

Soft skills

- Ability to work in large international security projects

- Advanced problem solving, analytical and communication skills

- Demonstrated ability to work effectively as part of a team