Junior Cyber Risk Consultant - Milano, Italia - WTW

WTW
WTW
Azienda verificata
Milano, Italia

2 settimane fa

Piero Bianchi

Inviato da:

Piero Bianchi

Reclutatore di talenti per beBee
Descrizione
Junior Cyber Risk Consultant

  • Milano, IT
December 01, 2023


The Role

JUNIOR CYBER RISK CONSULTANT

What are we looking for?
We are looking to hire a versatile Junior Cyber Risk Consultant within the WTW Cyber & Tech Consulting Team. This Junior professional will oversee conducting consulting services related to Cyber Risk & Privacy Management capabilities for our clients.


What do we expect from you?
You will be part of an international team providing cyber risk consulting services to WTW clients across Western Europe. Although you are based in Italy, you will work with clients from different countries.


Most of the job can be done remotely but depending on each project and the client ́s requirements, you might travel to work closely with the client ́s IT/Cybersecurity & Risk teams.

We expect you to conduct the following types of activities working closely with the Head of Cyber & Tech Consulting Team (which you will report):

  • Assess the maturity level of the client ́s cybersecurity program, leaning on European (ISO) and North American (NIST) standards.
  • Identify and assess potential cyber and privacy risks within an organization's systems, processes, and data handling practices, leaning on European (ISO) and North American (NIST) standards.
  • Conduct Cyber Risk Quantification processes considering international methodologies such as FAIR or similar approaches.
  • Design and deploy cybersecurity or cyber risk metrics programs to measure, assess, and monitor the client ́s cybersecurity performance, trace the cybersecurity capabilities deployment degree, make informed decisions, prioritize resources, demonstrate accountability, and drive continuous improvement.
  • Conduct Digital Business Impact Analysis (BIA) to identify and map essential assets with crucial business processes.
  • Conduct threat modelling projects based on STRIDE or similar methodologies.
  • Carry out GAP assessments against current EU legislations such as NIS2, DORA or CER.
  • Carry out GDPR GAP assessments.
  • Conduct PIAs to assess the impact of new projects, systems, or processes on individuals' privacy and ensuring compliance with privacy regulations.
  • Conduct Privacy Risk Assessments based on international standards as NIST or ISO.
  • Develop strategies and roadmaps to mitigate identified risks, which may involve implementing new technologies, processes, or controls.
  • Prepare clients to attend to cyber insurance roadshows, providing accurate and structured qualitative and quantitative information on cyber risk posture and hygiene to be more attractive to carriers and get better insurance conditions.
  • Conduct cyber insurance optimization leaning on qualitative and quantitative techniques.
  • Design cybersecurity and privacy policies aligned with industry best practices and legal requirements.
  • Design and provide training and awareness programs to educate client ́s employees about cybersecurity best practices and potential risks.
  • Participate in defining and developing incident response capabilities, including Incident Response Plans (IRP), Tabletop Exercises, and Cyber Crisis Simulations.

Key Skills and Competencies
Nobody is perfect and meets a 100% of our requirements. If you, however, meet some of the following criteria and are curious about how you can develop your career at WTW we'll be more than happy to meet you


General requirements:


  • Bachelor's degree in business administration, legal, computer science, cybersecurity, information technology, or related fields.
  • More than 2 years of proven experience in cybersecurity roles with a focus on cyber and privacy risk management activities.
  • Excellent English communication skills, able to convey complex technical information effectively.
  • French or German will be valued.

Essential requirements:


  • Understanding of cybersecurity principles, cyber risk, and privacy management methodologies.
  • Knowledge of cyber insurance and related transfer strategy.
  • Knowledge of relevant privacy laws and regulations (such as GDPR, NIS2, DORA, CER, etc.) and ability to ensure compliance.
  • Skills to manage projects related to cybersecurity, privacy, and risk assessment effectively.
  • Excellent communication and presentation skills to convey complex technical information to nontechnical stakeholders.
  • Open attitude to learn and improve your professional skills.
  • Clientfocused, providing outstanding and insightful reports and outcomes.

Additional requirements:


  • Relevant certifications such as COMPTIA Security+, ISO27001 Auditor, Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) would be advantageous.

What do we offer?

  • Competitive salary based on your background and experience, and a variable annual bonus set according to your goals.
  • Enjoy flexible working hours and find out your ideal way of working thanks to our smart work model: full remote or hybrid, it's up to you.
  • Ad
Altri lavori da WTW
Vedi tutte le offerte di lavoro di WTW