Requirements: English
Company: FinecoBank S.p.A.
Region: Milan , Lombardy
Fineco Bank is a leading European bank with a 20 years history and a fully digital DNA with a branchless approach since the start. Fineco is one of the banks with the widest products range available. We have developed a truly one-stop-solution which includes trading, investment and payment services. We have developed an 100% proprietary platform for trading and investment which covers all customer needs from trading listed and OTC product to investment product such as mutual funds and ETF. In addition to this we also offer banking and payment solution for domestic and international demand.The current role is available at both the Milan and Reggio Emilia office.As part of Cyber Security team, we are looking for someone who will be supporting FinecoBank in all Cyber Security operations covering enterprise and cloud security across the organization, supporting all the business divisions. The role requires ability to enforce procedures and compliance across IT systems and services. Working closely with stakeholders and third parties you will ensure that the appropriate objectives and priorities are enabled and supported to protect the organization from cyber threats.Job OverviewThe primary purpose of this role is to address security aspects in the most challenging environment for a security expert : a banking institution; an evolving business scenario; high priority of the cyber risk among the top risks for the bank; peculiar cybercrime and cyber threats scenarios.You will be part of a competitive, determined team in constant growth, aiming at ensuring the business resilience and contributing to the good reputation for the Company. Youll have the chance to develop and hone your technical competencies and to foster your exposure and your ICT security background. This a hands-on, senior technical role.Primary Responsibilities and ActivitiesBe a member if internal incident response teamContribute to investigations into network intrusions and other cyber security breaches / attacksLearn the post incidents lessons and use them to eradicate root causes and vulnerabilities and to improve the company security postureContribute to the definition and conduction of security assessment for applications, network and infrastructure, identifying apps and remediation plan in coordination with involved ICT StructuresPerform research and analysis of emerging and on-the-edge technologies and related cyber security threats and implicationsDesign ICT security architectural patterns and define best practices and standards for securing networks, services, assets, processes and toolsManage and improve existing security solutionsScout and evaluate new cyber security defensive approaches, solutions and technologiesProduce and consume cyber threats intelligence and contribute to cyber risk analysis and evaluationConduct or manage vulnerability assessment and penetration testsJob Requirements EducationBachelors degree in computer science, math, engineering or equivalent related IT experienceCISSP, CEH, OSCP, CCSP or other InfoSec professional certifications are a plusExperience5+ years of cyber security experience, spent working on the field in one or more of the following : Network Security, Enterprise Systems Security, SDLC Security, Data Security, Cybersecurity and Security Operations (SOC, CERT, Cyber Threat Intelligence teams, Vulnerability Management, Penetration Testing, ), Identity and Access Management5+ years successfully managing complex security / IT solutionsKnowledge and SkillsGenuine passion in cyber security, proactivity and curiosityKnowledge of network engineering, concepts and securityKnowledge of shell and scripting languages (Perl, Python, etc.)Awareness of European and international legislation landscape in information security area is considered a plusStrong knowledge of standards of information security management (ISO / IEC, NIST) and best practices (ENISA, OWASP, CSA, etc.)Strong knowledge of the Cyber security application landscape and ability to manage and forensic tool, threats detection and mitigation, big data for security)Cloud computing and relevant cloud security technologiesAbility to handle pressure, timely delivery and tolerance to tight schedule together with problem solving attitudeFluent English (written and spoken)Cyber Security Specialist Milano, Italia#J-18808-Ljbffr