CYBER & DIGITAL SECURITY SENIOR SPECIALIST | CLOUD AND NETWORK SECURITY ENGINEER | CYBER SECURITY ARCHITECT

22/09/2022

Milano

Job description

Techyon is the first Head Hunter specialising exclusively in the search and selection of senior professionals and managers in the Information Technology segment. Our Recruitment Engineers select the best IT profiles for prestigious consulting firms IT, banks, service companies, manufacturing groups, excellent start-ups and digital DNA company.

About the Company: for the world's largest food & beverage company, our Recruitment Engineer are looking for a Cyber & Digital Security Senior Specialist. 

Core Responsibilities: 

As a Cyber and Digital Security Senior Specialist, you will play a central role in establishing and maintaining security products, platforms and solutions designed to mitigate IT risks across the Group to ensure that information assets are adequately protected. You will be responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise.

The new team member will proactively work with IT and business units to implement practices that meet defined policies and standards for information security. Acting as a security business partner for the IT Product Groups, you will represent IT Security in various core team meetings.

The Cyber and Digital Security Specialist continuously researches and stays on top of emerging security threats, technologies and trends.

  • Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices;

  • Work directly with Product Managers, BRMs and IT Customers to facilitate business IT risk assessment and risk management processes, and work with stakeholders through the enterprise on identifying acceptable levels of residual risk;

  • Create a framework for roles and responsibi.lities with regard to information ownership, classification, accountability and protection;

  • Provide strategic risk guidance for IT projects and product management, including the evaluation and recommendation of technical controls;

  • Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or to eliminate risk and audit findings;

  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management;

  • Work closely with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IS/IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements<,

  • Serve as a security expert in infrastructure design and deployment, database design, network and/or platform (operating system) efforts, helping product teams comply with enterprise and IT security policies, industry regulations and best practices.

Job requirements

Must Have: 

 

  • Degree in business administration or a technology-related field, or equivalent work experience;

  • 8+ years of experience in a combination of risk management, information security and IT jobs;

  • Experience in complex enterprise environments and current technology areas like cloud and mobility;

  • Hands-on experience with Azure and/or AWS and/or GCP related to administration, security, deployment, management and automation technologies;

  • Practical experience on infrastructure network security (i.e. data centers, security gateways, VPN, on prem and in the cloud);

  • Practical Experience on operating systems security (Linux and/or Windows);

  • Experience on databases security (SQL, Oracle, NoSQL, HANA DB etc);

  • Previous work experience in a global environment and with virtual teams will be considered an asset;

  • Knowledge and understanding of relevant legal and regulatory requirements, General Data Protection Regulation (GDPR), Payment Card Industry/Data Security Standard (PCI) or relevant local or global laws, standards and regulations;

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences in English;

  • Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment and meet overall objectives;

  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals with minimal supervision;

  • Poise and ability to act calmly and competently in high-pressure, high-stress situations;

  • Must be a critical thinker with strong problem-solving skills;

  • High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.

Nice to Have:  
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is preferred;
  • Knowledge of common information security management frameworks, such as ISO 27001, IS/ITIL, COBIS/IT and NIST would be a plus.

Other info

Further Information:

Work place: Assago (MI) 

Smart-working available 

Compila i seguenti campi per candidarti.

Carica il tuo CV (.pdf)* Non puoi caricare il CV?

Informativa privacy candidati