ICT&Security Governance Specialist
Fineco Bank
Milano
6 days ago

Area description

The ICT&Security function develops and manages the software applications, the Bank’s technological infrastructure and related ICT Security aspects.

It boosts the rationalization of all processes supporting business lines, through the collection of needs related to IT services and the promotion of technological opportunities offered by the evolution of the information system.

Main Responsibilities

  • Assess IT&Security corporate-wide compliance with internal policies / standards and regulation requirements and identify actions to remediate non-compliance
  • Ensure that internal practices satisfy the requirements of regulatory frameworks such as GDPR, 285, 262, as well as all applicable local laws and regulations: collaborate with teams across the company to promote and implement adequate practices and controls ensuring compliance with policies / plans / standards
  • Ensure that Fineco is properly evaluating ICT&security risks by assessing the potential impact of threats to the business and Fineco's vulnerability to these threats and recommending controls to reduce risks to levels aligned with the organization's risk tolerances and appetite
  • Work collaboratively with 2nd / 3rd level control departments such as Risk Management, Compliance and Audit to ensure that local practices are consistent with corporate approach and standards
  • Monitor the legal and regulatory landscape to proactively address new ICT and / or information security related requirements: identify compliance objectives and map program deliverables to the requirements (i.e. define controls that can be used to meet those requirements and update / maintain internal controls framework)

  • Update, implement and maintain the internal program to collect and report ICT and information security related performance metrics and key risk indicators.
  • Build out and maintain current GRC tools and processes within ICT & information security to provide visibility and transparency
  • Collect information for generating and communicating both technical-detailed and high level reports, on a regular basis and as requested

What we expect from you

  • Ability to read, write and speak English (B2 or better)
  • Ability to work with cross-organizational and cross-functional teams
  • Bachelor’s degree in computer science / engineering or equivalent
  • Good problem-solving skills and attention to detail
  • At least 5 years of previous experience in ICT Risk or ICT&Security Governance role
  • Previous experience in coordinating governance topics in a parent company
  • CISA, ITIL, CGEIT and other certifications in IT Governance topics are a plus
  • Experience defining, revising, and implementing corporate information security policies
  • Experience coordinating initiatives for obtaining security related assurances (e.g., ISO 27001, COBIT, ITIL etc.) including control design and testing.
  • Experience creating, implementing, maintaining, monitoring and enforcing IT&Security policies, procedures, programs, and processes
  • Familiarity with legal regulatory requirements related to information security and IT (Bankit 285, BCE, L.231, GDPR, PSD2, ..)
  • Familiar with risk management and risk assessment concepts and methodologies