Cybersecurity GRC Consultant
RINA
Rozzano
Company: RINA Rozzano
Mission
RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN.
Key Accountabilities
The person will be in charge of:
• Carry out technical activities such as:
  • Identify security risks within organizations and complex systems/architectures.
  • Design security measures and provide recommendations or suggestions to improve security postures.
  • Verify compliance with laws, regulations and standards pertaining to security and cybersecurity.
  • Provide support to Customers in cybersecurity related activities.
• Draft technical/procedural documents related to:
  • IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.)
  • INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)
  • Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components)
  • Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.)
• Maintain and update the RINA cybersecurity guidelines and assessment methodologies.
• Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).
Education
Bachelor’s Degree in Engineering General
Qualifications
Requirements:
• Knowledge of laws, regulations, international standards and best practices (e.g. ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.).
• Engineering academic background.
• Strong problem-solving ability.
• Excellent verbal and written communication skills - Italian and English as a minimum.
• Flexibility and ability to multi-task in a fast-paced atmosphere.
• Availability to travel within the Country and abroad.
Desired Requirements:
• Experience with a wide range of computer systems and security tools.
• Security Certifications: e.g. ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
• Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
• Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated.
Competencies
• ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way
• BUILD NETWORK - Forge trust relationships, across departments, and outside the organization
• CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction
• EARN TRUST - Take everyone's opinion into account and remain open to diversity
• MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraints
• MANAGE EMOTIONS - Recognise one's own and others' emotions and express and regulate one's reactions
• PIONEER CHANGE - Actively embrace change and benefit from the new circumstances
• PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model
• THINK FORWARD - Capitalise on experiences and translate them into action plans for the future
With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors. Our business model covers the full process of project development, from concept to completion. The aim is to guarantee a project’s technical, environmental and safety - and sometimes also economic and financial - sustainability.
At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant with the Italian Law n. 68/99.