Requirements: English
Company: TN Italy
Region: Milan , Lombardy
IT&Security Governance Specialist, MilanCompany DescriptionFineco Bank is a leading European bank with a 20-year history and a fully digital DNA with a branchless approach since the start. Fineco offers a wide range of products, including trading, investment, and payment services through a proprietary platform covering all customer needs from trading listed and OTC products to mutual funds and ETFs. We also provide banking and payment solutions for domestic and international markets.PositionJob DescriptionWithin the ICT & Security Governance team, the selected candidate will be responsible for:Developing and updating internal regulatory frameworks (e.g., policies, procedures, controls) and identifying new needs arising from legislative, technological, or contextual changes, including management of outsourcers and third parties.Defining safeguards to ensure compliance with internal and external regulations, from product and service development phases.Managing updates and evolution of governance support tools (e.g., GRC, incident/security incident management, change management).Monitoring ICT & security performance metrics and frameworks.Analyzing and assessing cybersecurity and security risks, evaluating potential impacts, and implementing mitigation measures.Promoting and implementing ICT & security practices and controls to ensure compliance with corporate policies, plans, and standards.Collaborating with second and third level control functions (e.g., Risk, Compliance, Audit) in applying the internal control system.RequirementsThe ideal candidateHas at least 7 years of experience in ICT & Security Governance or ICT Risk.Possesses knowledge of frameworks (e.g., ISO 27001, NIST, ITIL, COBIT, PCI) and relevant regulations (e.g., Circular 285, PSD2, GDPR, 262, 231), with experience in their implementation.Has previous experience in defining and implementing cybersecurity risk assessment methodologies.Has experience in drafting security and ICT policies, procedures, maturity assessments, and benchmarking.Knows security solutions such as SIEM, Identity & Access Governance, Data Security & Protection, IDS/IPS, Data Masking & Tokenization.Fluent in English.Holds a degree in computer science, engineering, or equivalent.Holds certifications in ICT/Security (e.g., ISO 27001, ITIL).Demonstrates strong interpersonal, analytical, organizational, and problem-solving skills.Other information#J-18808-Ljbffr