Cybersecurity (Security Governance) - Roma, Italia - UNICC

UNICC
UNICC
Azienda verificata
Roma, Italia

2 settimane fa

Piero Bianchi

Inviato da:

Piero Bianchi

Reclutatore di talenti per beBee
Descrizione

Purpose of the Position:


The Cybersecurity Officer will assist and support client organizations in establishing, implementing, maintaining and continually improving information security controls to ensure that information assets are adequately protected.

The Officer will also be responsible for providing active support with Cybersecurity Governance practice at UNICC.

The Cybersecurity Officer will provide services to client organizations independently or under light supervision.


Objectives of the Programme:


The objective of the Centre is to provide trusted ICT services and digital business solutions to its Clients and Partner Organizations.


Main duties and responsibilities


The incumbent will work under the direct supervision and guidance of the of Head, Cybersecurity Assurance Unit (CSGA) within the Cybersecurity Division (CS) and in close collaboration with other team members among the Division.

The incumbent could be requested to do any others tasks of similar level in related fields.

The incumbent will be required to:

  • Develop and enhance an information security management framework based on the ISO 27000 standards
  • Develop, maintain and publish uptodate information security policies, standards and guidelines
  • Oversee the approval, training, and dissemination of security policies and practices
  • Create, communicate and implement the process for risk management, including the assessment and treatment of identified risks. Work directly with business units and stakeholders throughout the organization on identifying acceptable levels of residual risk. Report and oversee treatment efforts
  • Build regular reporting/dashboards on the current status of the cybersecurity programme to senior management and business units as part of a strategic enterprise risk management programme
  • Help raise cybersecurity and risk management awareness for all employees, contractors and approved system users
  • Provide active support during security incidents and events that affect organizational assets, including intellectual property, sensitive data and the organization's reputation
  • Provide direction, support and inhouse consulting in effective disaster recovery policies and standards. Coordinate the development of implementation plans and procedures to ensure that businesscritical services are recovered in case of a security event
  • Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls
  • Ensure that security programs are in compliance with relevant rules, regulations, policies and standards to minimize or eliminate risks and audit findings
  • Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action
  • Perform technical security assessments and develop strategies for remediating vulnerabilities and risks identified
  • Work closely with other members of UNICC's cybersecurity team to develop and deliver new and existing cybersecurity services

Other:
Provide other ad hoc support either within the team or in other teams as required - this includes the participation in special projects or support to service delivery for short period of time on a part-time or full time basis upon request from the senior management


Recruitment Profile

Experience and Skills required:


Essential:


  • At least five (5) years of experience in the cybersecurity area
  • Ability to understand technical and business aspects of IT risk, and to communicate those risks to business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control
  • Strong analytical and problemsolving skills
  • Ability to act calmly and competently in highpressure, highstress situations
  • Excellent written and verbal communication skills, interpersonal and collaborative skills
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
  • High degree of initiative, dependability and ability to work with little supervision

Desirable:


  • Experience in achieving and maintaining ISO 27001 certification
  • Project management skills and ability to manage multiple projects under strict timelines

Education:


Essential:


  • First university degree in computer science, information systems, mathematics, statistics or related field
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Cloud Security Professional (CCSP), ISO 27001 lead implementer/auditor, or other similar credentials

Desirable:


  • Master's degree or equivalent experience in computer science, information systems, mathematics, statistics or related field

Languages:

-
English: Expert knowledge is required

  • Knowledge of another official United Nati
Altri lavori da UNICC
Vedi tutte le offerte di lavoro di UNICC