Guarantee the development and maintenance of a secure IT infrastructure solutions setting and minimize the Cyber Risks identified, in line with the Group's Policies and the guidelines issued by the IT Security Manager.
Ensure the protection, integrity, confidentiality and accessibility of the company's information, supplying reports on the effectiveness of the solutions adopted and on the security of data and accesses.
Manage the existing IT solutions (e.g. antivirus, antispam, web filtering systems, CASB, APT, SIEM, SOC, etc.) and explore new technically advanced products designed to mitigate risks in order to uphold and improve the overall security level.
Formulate recommendations to the IT Security Manager with regard to the adoption of new procedures and technologies.
Manage projects, procedures and activities in line with the continuous improvement approach to enforce the cyber security (e.
g. ISO 27001 certification; CLUSIT or NIST recommendations, etc.)
Manage and monitor the mechanisms of intrusion detection and intrusion prevention, in close contact with the External Data Center and the other infrastructure units, in order to avoid computer hacking and suspicious unauthorized activities.
Ensure the implementation and continual updating of the plan for compliance with legislation (e.g. GDPR , D.P.S law 196 on data protection, etc).
Collaborate with Internal Audit cyber security assessment and Enterprise Risk Management activities related to cyber security matters.
Contribute to the formalization of documents, procedures, guidelines to assure the Cyber Security Governance at Global Level.
Ensure the correct management of the definition and cancellation of user accounts and of related permissions on the use of IT services.
Manage the IT security incidents
3 / 5 years experience in the ICT Cyber Security sector gained in complex contexts (as an employee or as a consultant)
Management-oriented profile for activities and projects in the Cyber Security context : knowledge of the related main platforms / solutions (SIEM, SOC, APT, CASB, ...)
Technical knowledge of ICT infrastructures and systems and related processes for the management of users / roles / authorizations on infrastructure platforms and applications environment, such ERP
Knowledge of Microsoft platforms and solutions, especially the OFFICE suite, the Active Directory environment, the Office365 suite (Exchange, Sharepoint, ) and the Cloud configurations (Azure)
Knowledge of the main international ICT security standards, with particular reference to the ISO / IEC 270xx Family (ISO 27001 Certification would be preferred).
Fluency in English is a must; a good knowledge of Italian will be preferred
Ability to summarize and organize information in technical and operational documents
Confidentiality attitude, team-work, good interpersonal skills, ability to prioritize and work under pressure
Ability to identify unconventional / innovative solutions
Availability to business trips (Italy and abroad)
Location : Parma
Contract offer : full-time, local contract
Start date : September 2019