HSPI S.p.A, operating on the entire national territory and specialized in IT/Security Governance and part of the TXT Group, for expansion and strengthening of the staff of the Milan office is looking for a Cybersecurity & Risk Consultant figure.
The resource will play a central role in assessing and determining risk profiles and areas for improvement of the security posture in realities belonging to different market sectors, in compliance with cybersecurity best practices, frameworks and regulations.
The resource will be placed in a high-potential team delivering consulting services for large Private Sector and Public Sector Clients, in complex environments and critical infrastructure.
Specifically, the resource will be placed on project teams dealing with:
Definition of ICT risk analysis and business impact analysis models;
Definition of models for representation of IT Systems Architectures for application and technology business layers;
Mapping of existing Architectures to the defined models through analysis of project documentation, exercise and interviews with relevant facilities;
Supporting the review and/or development of Information Security and Cybersecurity Management Systems based on regulations, best practices, international and national standards (NIST, SANS, ENISA, ISO, ISACA, CIS-CSC, CSA, GDPR, NIS Directive, DORA, PSNC, etc.);
Support for the evaluation of processes and control systems for Information Security and Business Continuity;
Support business impact analysis, dependency analysis, Enterprise Architecture model development.
Required technical skills:
Good knowledge of the English language (written and oral);
Good communication and interpersonal skills.
Preferred evaluation elements:
Nozioni teoriche e pratiche relative alle Architetture dei Sistemi informativi e networking (basi del networking e degli stack TCP/IP e ISO-OSI);
Conoscenza di best practice e framework internazionali di Risk Management e Sistemi di gestione della Sicurezza delle Informazioni (ad esempio: ISO/IEC 27001, NIST Cybersecurity Framework, CIS-CSC, OWASP);
Conoscenza delle principali normative di Sicurezza delle Informazioni (GDPR, Misure minime AGID, Direttiva NIS, IVASS art. 38, 285/I/IV/4 Banca d'Italia);
Certificazioni quali CISA / CISM, CISSP, ISO/IEC 27001 L.A., CEH, CompTIA, OSSTMM, GIAC.
However, profiles without work experience will also be evaluated.
Excellent analytical and interpersonal skills, accuracy, organizational autonomy and a strong orientation towards teamworking and achieving results complete the profile.
Education: Bachelor's degree in Management Engineering, Computer Science, Mathematics, Telecommunications or equivalent disciplines.
Why choose HSPI:
Hybrid work mode;
Customized training plans and achievement of internationally recognized certifications;
Opportunity to compare and share models and skills with experienced professionals in the field, in an active and challenging environment;
Opportunity to experiment in an international, young and dynamic context;
Direct relationship with corporate management and end customers.
The level of entry and remuneration will be commensurate with the actual experience and seniority gained.
Position open to candidates regardless of gender, in accordance with Legislative Decree 198/2006. The company promotes equal opportunities and values diversity in all its forms.
#Li- Hybrid
#HSPI