Main Responsibilities / Activities
The Cyber Security - Governance & Risk Analyst will be responsible for the following :
Maintain awareness of existing and proposed security standards, ensuring consistency with international best practices for information, infrastructure and cloud security.
Support the design, evaluation and oversight of security controls within IT security projects, programs, applications and systems, e.
g. Cloud Control Framework
Develop and support an holistic approaches within the following fields : Security strategy, Security transformation, Cyber Risk management;
Cyber Security assessments, audits and compliance, Business Continuity
Support Global IT colleagues to ensure appropriate security controls are an integral part of Global IT solutions, including those provided by third parties.
Conduct investigations, analysis, assess breaches, and prepare recommendations for appropriate improvements
Key Competences / Leadership Attributes
Action-oriented and results driven
Organized with strong time-management skills
Flexible attitude, reliable
Strong passion for learning new technology and concepts quickly
Ability to work both independently and collaboratively with peers, across teams, and with management
Willingness to travel
Strong problem-solving and analytical skills
Basic Requirements
2-4 years related experience
IT Science Degree or Information Security related degree or a closely related field
Fluent knowledge of at least Italian and English language
Knowledge of risk management processes, techniques, and tools
Project management experience : defining scope, setting project timelines and milestone, driving deliverables, managing issues and adjusting as needed
Demonstrated experience in assessing and reviewing security strategy and governance program framework, including process, controls, organization and infrastructure to support information security capabilities
Knowledge of international standards and best practices for Information Security, Risk & Governance (e.g. ISO27001, NIST, IRAM, CIS)
Knowledge of cloud-based technologies (e.g. CASB, SASE, AWS, Azure, )
Ability to work cross-functionally and establish credibility
CISA certification / training, CISSP, or related preferred 
