ICT & Cyber Risk Senior Specialist – Protected Categories under art.1 of Law 68/99

Job title:

ICT & Cyber Risk Senior Specialist – Protected Categories under art.1 of Law 68/99

Company:

Generali

Job description

The “ICT & Cyber Risk Senior Specialist” is a passionate professional with strong technical background on the digital ecosystem, coming from ICT and/or security operations field.Leveraging his/her skills, he/she understands ICT & Cyber issues that can lead to risks, supporting all departments within the Company in an effective, day-by-day, risk management activity, aimed at achieving and maintaining a top-level ICT & Cyber resilience posture to support the Group business strategy.Thanks to his/her technical background, the ICT & Cyber Risk Senior Specialist can support in the definition of new risk assessment methodologies and frameworks, based on market best practices, give advice on the most suitable risk response, challenge risk mitigations and report risk exposure up to C-Level top managers.He/She gives advice to Business Units to reach a common and harmonized ICT & Cyber Risk methodology across the Group.Main tasks:

• Identification of weaknesses that might lead to risks in the areas of ICT infrastructure and cyber
• Risks Identification, Assessment (e.g. AI, Cloud, IoT), Evaluation, Response, Monitoring
• ICT assets lifecycle (from demand, projects, changes till End of Support risk)
• Security testing reports: vulnerabilities scanning, penetration testing, TLPT, early warning
• Support the definition of remediation plan and related mitigation actions, monitoring their implementation

Key activities:

• Assess current ICT and Cyber technical posture of the Company with particular focus on infrastructure (network, OS, storage, virtualization, backup) to identify potential risks and weaknesses
• Support the identification of potential risks within key ICT & Cyber activities:
• ICT assets lifecycle
• Security testing (e.g. Penetration tests, vulnerability scanning, BCM & DR plans)
• Act as a SME on technical topics to support local ICT & Security departments in both tactical and strategic initiatives
• Give advice on ICT project to foster a risk based approach on infrastructure evolution
• Support the regular alignment with all Legal Entities involved in ICT & Cyber Risk activities and other functions
• Reports at local and Group level the ICT & Cyber risk exposure of the Company

Our ideal candidate will meet the following requirements:

• Experience in technical roles in ICT or Cyber areas, like sys/network admin, ICT architect, security specialist
• Good understanding of infrastructure architecture and best practices
• Good knowledge of ICT, cyber security and service management
• Knowledge of international standards (ISO 31000, COBIT 2019, ITIL v4, ISO 2700x, PMI)
• The achievements of one or more of the following professional certifications is required: CISA, CISM, CGEIT, CRISC, ISO27001 LA, COBIT 2019 Foundation, CSX Fundamentals, CSX Practitioner, ITIL v4 Foundation, CIA, CRMA, PMI
• Bachelor’s degree in computer science, Mathematics, Engineering, or equivalent experience in ICT and/or Cyber security fields
• Fluent English, another third language is a plus

Expected salary

Location

Milano

Job date

Thu, 27 Mar 2025 23:49:09 GMT

To help us track our recruitment effort, please indicate in your email/cover letter where (vacanciesin.eu) you saw this job posting.