CYBER SECURITY GOVERNANCE ANALYST - Milano, IT - Esselunga
The Information Technology Department is modernly organized and structured to support the various business functions. It deals with activities such as development, implementation and maintenance of new applications, administration and management of data warehouses, management and maintenance of networks and all corporate information systems, assistance to users, etc.
RESPONSIBILITY OF THE ROLE
The resource will be inserted into the structure that guarantees the company's IT security and will help set the standards and manage IT security in order to mitigate threats and manage risks.
Set up and monitor the IT security standards, the architecture and the requirements that ensure their implementation - Manage the response and mitigation of cyber threats and attacks, in coordination with other competent corporate departments - Support the definition of the Governance of the IT security and supervision of implementation, standardizing IT security processes - Supporting IT risk management through their detection, identification, monitoring, evaluation and mitigation - Managing and governing data breach processes and in general all that for example, it is in the field of regulations for GPDR obligations, - to support the departments and functions within the Group (eg Legal, Audit, etc.)
Degree in Computer Science or Engineering; Previous experience in the field of Cyber Security Governance; Knowledge of the most common security standards both in terms of process and software security, eg. ISO27001, OSWAP, Knowledge of risk analysis and NIST frameworks, ISO, regulatory knowledge and related implications IT, preferably model 231 and GDPR, Knowledge of the processes of control of mitigation of IT and Information Security risks such as vulnerability and management threats, patch management, penetration testing / red-teaming / cyber and attack simulation Knowledge of forensic security issues and related communication processes (eg postal police, privacy guarantor, etc.)
Ability to analyze; Precision and method; Orientation to the result; Sense of responsibility.