Area description
The ICT&Security function develops and manages the software applications, the Bank’s technological infrastructure and related ICT Security aspects.
It boosts the rationalization of all processes supporting business lines, through the collection of needs related to IT services and the promotion of technological opportunities offered by the evolution of the information system.
Main Responsibilities
Assess IT&Security corporate-wide compliance with internal policies / standards and regulation requirements and identify actions to remediate non-compliance
Ensure that internal practices satisfy the requirements of regulatory frameworks such as GDPR, 285, 262, as well as all applicable local laws and regulations: collaborate with teams across the company to promote and implement adequate practices and controls ensuring compliance with policies / plans / standards
Ensure that Fineco is properly evaluating ICT&security risks by assessing the potential impact of threats to the business and Fineco's vulnerability to these threats and recommending controls to reduce risks to levels aligned with the organization's risk tolerances and appetite
Work collaboratively with 2nd / 3rd level control departments such as Risk Management, Compliance and Audit to ensure that local practices are consistent with the corporate approach and standards
Monitor the legal and regulatory landscape to proactively address new ICT and / or information security related requirements: identify compliance objectives and map program deliverables to the requirements (i.e. define controls that can be used to meet those requirements and update / maintain the internal controls framework)
Update, implement and maintain the internal program to collect and report ICT and information security related performance metrics and key risk indicators.
Build out and maintain current GRC tools and processes within ICT&information security to provide visibility and transparency
Collect information for generating and communicating both technical-detailed and high-level reports, on a regular basis and as requested
What we expect from you
Ability to read, write and speak English (B2 or better)
Ability to work with cross-organizational and cross-functional teams
Bachelor’s degree in computer science / engineering or equivalent
Good problem-solving skills and attention to detail
At least 5 years of previous experience in an ICT Risk or ICT&Security Governance role
Previous experience in coordinating governance topics in a parent company
CISA, ITIL, CGEIT and other certifications in IT Governance topics are a plus
Experience defining, revising, and implementing corporate information security policies
Experience coordinating initiatives for obtaining security related assurances (e.g., ISO 27001, COBIT, ITIL etc.) including control design and testing.
Experience creating, implementing, maintaining, monitoring and enforcing IT&Security policies, procedures, programs, and processes
Familiarity with legal and regulatory requirements related to information security and IT (Bankit 285, BCE, L.231, GDPR, PSD2, ...)
Familiarity with risk management and risk assessment concepts and methodologies