Security Risk and Reporting Specialist

The Unit Security Risk and Reporting is responsible for planning, preparing and carrying out activities aimed at ensuring that processes and activities affecting the Information Security Management System are performed according to the international/local regulations and to internal policies, guidelines and technical measures. It is also in charge of monitoring security activities in terms of metrics, statistics, KPI and of checking the company's posture against relevant security certifications.

The Unit has responsibilities on:

• Act as a focal point for audit and controls on GOSP Information Security Management System
• Ensure the good standing of the ISMS supporting the compliance to ISO27001 and other security related standards
• Ensure the good standing of the ISAE3402 compliance
• Support during internal, thematic, advisory and external audit activities
• Facilitate reporting capabilities & define accompanying processes to provide sufficient information to create reports on target technology
• Delivery of metrics, statistics and KPI about Security

The candidate will report to the Head of Security Risk and Reporting (or his/her internal delegates) and will support on:

• The development and collection of meaningful information to provide the interested internal and external stakeholders with measures, statistics and KPI, through regular reporting tools and on-demand queries (managerial and detailed)
• The measurement of the IT Security metrics, identifying possible improvements as well as key element to highlight with the stakeholders
• Internal and external audits activities over the GOSP Countries (e.g. ISO27001, ISAE3402, etc.)
• The management of the cyber risks related to the GOSP environment
• Collaboration and collaboration with external consultants

Requirements

Our ideal candidate will meet the following requirements:

• Master’s Degree with ICT / ICT Security background or with Economy/Statistics /Mathematics background
• Good English knowledge (at least CEFR B1, written/spoken)
• Experience at least of 3 years (preferable in consultancy environment)
• Microsoft Office suite usage (Word, PowerPoint, Excel)
• Use of on-line collaboration tools (Teams, SharePoint)
• Knowledge on Cyber Security principles

Soft Skills:

• Ability to work in a large international organization, multicultural contexts
• Analytical and effective communication skills
• Interpersonal relations management skills in an international environment
• Demonstrated ability to work effectively as part of a team, sharing knowledge
• Proactivity

Company Profile

Generali is a major player in the global insurance industry - a strategic and highly important sector for the growth, development and welfare of modern societies. Over almost 200 years, we have built a multinational Group that is present in more than 60 countries, with 470 companies and nearly 80,000 employees.

GOSP - Generali Operations Service Platform is a joint-venture between Generali and Accenture and provides IT and Procurement services to Generali Group companies. Our purpose is to accelerate the Group's innovation and digitization strategy through the Cloud and shared platforms. Based in Italy it has 5 branches across Europe and employs about 1.000 people.

Additional locations:

• Trieste, Italy
• Mogliano Veneto (TV), Italy