The role is part of the Cyber Security function, the candidate will be responsible for supporting the area in the adoption, management and evolution of corporate solutions in the Cyber Risk management topics and will collaborate with the corporate structures to conduct risk assessment and directing risk monitoring plans and related remediation.Main responsibilitiesImplement a risk-based approach to prioritize development of secure patterns for high-risk assets or activitiesUpdate Sky risk management process in accordance with best practices, regulations and Sky PolicyCooperation with the group structures for cyber risk management activitiesUse of the corporate cyber risk management platform to manage the cyber risk registerContinuously update the risk management process in accordance with best practices and with company PolicyManagement of Exceptions process to policies, standards and guidelinesMonitoring and reviewing security controls to identify their operational effectivenessFacilitate audits and remediations of any findings noted in cyber security departmentSupport on cyber security compliance on GDPR, NIS2 and PCI/DSSCyber risk posture reporting to SKY management and CommitteeDevelopment of visual dashboards that board directors can use to monitor riskControl of the effectiveness of the metrics adoptedRequirementsProved experience in similar roles, gained in consulting companies and / or large companies in the ICT sector in relation to cyber risk management projectsMaster degree in Computer Science or Telecommunication EngineeringKnowledge of the landscape of norms and standards in the privacy / information security field (HIPAA, NY DFS, GDPR, CCPA, ISO / IEC 27000, NIST, PCI DSS, etc.)Knowledge of the main Risk Management / Control Frameworks (COSO, COBIT, ISO, ITIL, NIST, FAIR, etc.)Able to articulate cyber risk management concepts to a wide range of recipientsExcellent knowledge of cyber risk management tools and experience in using some of them.Excellent understanding of ICT services and architecturesThe achievement of CISSP, CISA, CISM, SANS GIAC certifications will be considered a preferential title.Languages: Italian, EnglishSoft skillsExcellent verbal and written communication skillsAbility to constructively and proactively interact with all the stakeholders, respecting the work needs and the role of each.Flexibility, autonomy, speed; proactive and highly assertive candidate, with a strong goal orientation.
#J-18808-Ljbffr