ICT & Cyber Risk Specialist

For the GOSP Risk Unit of the Enterprise Risk Management department we are looking for a ICT & Cyber Risk Specialist.

The ICT & Cyber Risk Specialist is a passionate professional with strong technical background on the digital ecosystem.

Job practice domains:

• Identification of weaknesses that might lead to risks in the areas of ICT infrastructure and cyber
• Risks Identification, Assessment, Evaluation, Response, Monitoring through:
• ICT assets lifecycle (from demand, projects, changes till End of Support risk)
• Security testing reports: vulnerabilities scanning, penetration testing, TLPT, early warning
• Ad-hoc risk assessment on technologies (e.g. AI, Cloud, IoT…)
• Meeting with stakeholders
• Support the definition of remediation plan and related mitigation actions, monitoring their implementation
• Report on the ICT & Cyber risks
• Involvement on local and Group’s strategic programs

Key activities:

• Assess current ICT and Cyber technical posture of the Company with particular focus on infrastructure (network, OS, storage, virtualization, backup) to identify potential risks and weaknesses
• Support the identification of potential risks within key ICT & Cyber activities:
• Digital transformation and business projects
• ICT assets lifecycle
• Security testing (e.g. Penetration tests, vulnerability scanning, BCM & DR plans)
• Act as a SME on technical topics to support local ICT & Security departments in both tactical and strategic initiatives
• Give advice on ICT project to foster a risk based approach on infrastructure evolution
• Act as SME on ICT & cyber incidents
• Support regular updates on methodologies, tools and documentation for continuous improvement
• Support the regular alignment with all Legal Entities involved in ICT & Cyber Risk activities and other functions
• Reports at local and Group level the ICT & Cyber risk exposure of the Company

The ICT & Cyber Risk Specialist is closely aligned with the Head of Enterprise Risk Management and with Group Risk functions. He/she interacts regularly with company’s Risk owners and with Operational Risk Management of Group Legal entities

Requirements

Our ideal candidate will meet the following requirements:

• Bachelor’s degree in Computer Science, Mathematics, Engineering, or equivalent experience in IT and/or Cyber security fields
• Experience in technical roles in ICT or Cyber areas, like sys/network admin, ICT architect, security specialist
• Good understanding of infrastructure architecture and best practices
• Good knowledge of ICT and cyber security
• Good understanding of ICT service management
• Knowledge of international standards (ISO 31000, COBIT 2019, ITIL v4, ISO 2700x, PMI)
• Knowledge on risk qualitative and quantitative methodologies
• Project management skills
• The achievements of one or more of the following professional certifications is required: CISA, CISM, CGEIT, CRISC, ISO27001 LA, COBIT 2019 Foundation, CSX Fundamentals, CSX Practitioner, ITIL v4 Foundation, CIA, CRMA, PMI
• Fluent English, another European language(s) is a plus

Soft skills:

• Strong listening and mediation/negotiation skills
• Problem-solving and analytical skillset
• Communication skills and ability to manage a wide array of different stakeholders
• An untarnished reputation for integrity
• Proactivity to drive qualitative results
• A global mind-set

Company Profile

Generali is a major player in the global insurance industry – a strategic and highly important sector for the growth, development and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees.

GOSP - Generali Operations Service Platform is a joint-venture between Generali and Accenture and provides IT and Procurement services to Generali Group companies. Our purpose is to accelerate the Group's innovation and digitization strategy through the Cloud and shared platforms. Based in Italy it has 5 branches across Europe and employs about 1.000 people.

Additional location:

• Mogliano Veneto (TV), Italy