Corporate services


Job Responsibilities

You will support De’Longhi Group in the definition and update of the Information & Cyber Security vision and strategic direction for the organization.
Job Profile
You will join the information & cyber security governance team, inside the Group Legal Department, which is responsible for the organization-wide security and governance, risk, awareness and compliance with industry standards and regulatory requirements.

Main Responsibilities:
• Support the development, update, implementation and enforcement of information security governance including policies, baselines and procedures
• Serve as a liaison between business and functional areas and the technology teams to ensure that Information Security policy-related business requirements for protecting data are clearly defined, communicated, and well understood, and considered as part of operational prioritization and planning
• Recommend appropriate security controls according to internal standards and key industry best practices and ensure that such controls operate as intended
• Perform gap analysis with respect to standards and industry regulations, and define the security posture
• Conduct risk analysis and develop corrective action and remediation plans for identified issues, risks, or vulnerabilities
• Analyze regulatory requirements for data protection and support the identification of corrective actions to reach compliance
• Support the development and implementation of information security and cyber-security awareness programs to raise awareness around information security risks and best practices
• Support the information & cyber security incident management and escalation processes and procedures
• Support the cyber security innovation process

Job Profile

Qualifications, Knowledge:
• Master's degree in Management Engineering / Computer Information Technology / Computer Engineering
• 2–3 years' experience in Information Risk Management, Information & Cyber Security Governance in international groups or major consulting firms
• Knowledge of international standards and best practices in terms of Information & Cyber Security Governance and experience with security practices and solutions (e.g. ISACA, COBIT, ISO27000 family, NIST Cybersecurity Framework, PCI-DSS)
• Knowledge of data security and protection rules and principles, with particular reference to GDPR
• Knowledge of Cyber Security concepts
• Certifications in the field of information, cyber security & risk management are non-mandatory and may be considered a plus for the position

Skills, Capabilities, Competencies:
• Experience in risk management methodologies and procedures
• Ability to work on matters of high sensitivity and confidentiality with both professionalism and discretion
• Ability to work collaboratively with a broad range of constituencies and respond to their needs and collaborate effectively towards solutions
• Fluent knowledge of the English language is essential
• Good analytical skills, flexibility, problem solving, initiative, focus on results, and communication skills, both oral and written
• Excellent adaptability and teamwork
• Ability to understand the business
• Strong sense of commitment
• Reliability
• Proactivity and passion for the world of Information & cyber security