Requirements: English
Company: KRUK Italia S.r.l.
Region: Milan , Lombardy
Join to apply for the Information Security Officer (ISO) role at KRUK Italia S.r.l.4 days ago Be among the first 25 applicantsGet AI-powered advice on this job and more exclusive features.The Local ISO is responsible for implementing and maintaining the Information Security Management System in accordance with Group policies and regulations, as well as Italian laws and regulations regarding information security. The Local ISO acts as a point of contact with the Group for all information security matters within the Italian branch.RequirementsDegree in Computer Science, Engineering, or significant experience in the roleAt least 3 years of experience in information security roles, preferably in the financial or debt collection sector and in international groupsBasic technical knowledge of common security tools (firewalls, intrusion detection systems, endpoint protection, MFA, IAM, PAM)Experience in cloud and hybrid cloud risk assessment and mitigationExcellent communication and relationship management skills, good experience connecting business and ITFluent in Italian and EnglishIn-depth knowledge of information security standards like ISO27001, and familiarity with data protection laws and project management basicsWillingness to engage in IT security auditsAwareness of ISO27001, DORA, NIS Security Guidelines, and other security standardsDesirable:Certifications in information security (CISSP, CISM, CISA) are a plusExperience in ISO 27001 certificationResponsibilitiesCollaborate with other security functions (DPO, Risk Management Units, IT Infrastructure Dept.) to manage local technology compliance, monitoring, and ensuring IT activities and systems comply with security requirementsSupport Risk Owners in managing information security risks and overseeing their activitiesConduct internal and external cybersecurity controlsAssess business partners and new software/applications from a security perspectiveIdentify, assess, and implement actions to mitigate security risks; evaluate control effectivenessReport on local security levels using Key Risk IndicatorsOrganize and conduct training to increase employee security awarenessEnsure compliance with local regulations and monitor operations for security adherenceParticipate in defining Group Security Standards and adapt them locallyManage and respond to security incidents collaboratively with Group and local security teamsAdditional DetailsSeniority level: Not ApplicableEmployment type: Full-timeJob function: Information Technology#J-18808-Ljbffr