RINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILAN within the Cyber Security and Management Consulting Division.
Mission
The mission of the Cyber Security GRC consultant is to join our Cyber Team in GENOA, ROME or MILAN.
Key Accountabilities
The person will be in charge of:
* Carrying out technical activities such as:
* Identifying security risks within organizations and complex systems/architectures.
* Designing security measures and providing recommendations or suggestions to improve security postures.
* Verifying compliance with laws, regulations, and standards pertaining to security and cybersecurity.
* Providing support to customers in cybersecurity-related activities.
* Drafting technical/procedural documents related to:
o IT Security Governance, Risk and Compliance aspects (with respect to ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.)
o INFOSEC aspects (with respect to the National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)
o Cybersecurity in Industrial Automation Control Systems (with respect to the IEC 62443 requirements families for risk assessment, systems and components)
o Marine cybersecurity requirements from the International Association of Classification Societies (with respect to IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.)
* Maintaining and updating the RINA cybersecurity guidelines and assessment methodologies.
* Supporting business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).
Education
Bachelor’s Degree in Engineering General.
Qualifications
Requirements:
* Knowledge of laws, regulations, international standards, and best practices (e.g. ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.).
* Engineering academic background.
* Strong problem-solving ability.
* Excellent verbal and written communication skills - Italian and English as a minimum.
* Flexibility and ability to multi-task in a fast-paced atmosphere.
* Availability to travel within the country and abroad.
Desired Requirements:
* Experience with a wide range of computer systems and security tools.
* Security Certifications: e.g. ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
* Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
* Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated.
Competencies
* ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way.
* BUILD NETWORK - Forge trust relationships across departments and outside the organization.
* CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction.
* EARN TRUST - Take everyone's opinion into account and remain open to diversity.
* MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources, and constraints.
* MANAGE EMOTIONS - Recognise one's emotions and those of others.