Information Security Manager

Job description

Our Client is an international leading Company in the Financial Services sector, on their behalf we are looking for an

Information Security Manager

Mission:

The primary role of the Information Security Manager is to ensure the security and protection of our company’s Information and data. This individual will be responsible for developing, implementing, and maintaining security policies, procedures, and controls to safeguard our company’s data against cyber threats and data breaches.

Key Responsibilities:

• Develop and implement company’s information security policies, procedures, and controls to protect sensitive data.
• Conduct regular risk assessments and audits to identify potential security vulnerabilities and recommend solutions.
• Monitor and analyse company’s data for potential security breaches or unauthorized access.
• Investigate security incidents and breaches and take appropriate action to mitigate risks.
• Identify business continuity requirements, providing information to determine the most appropriate business continuity solutions.
• Lead internal security specialist (2) and external consultants.
• Provide training and awareness programs to educate employees on cybersecurity best practices.·
• Collaborate with IT teams to ensure the security of company’s data systems and infrastructure.
• Collaborate with other company’s functions or external partners during contract review and ensuring security measures are applied.

 Technical Skills:

• Proficiency in using security tools such as intrusion detection systems, firewalls and antivirus software.
• Experience in managing access controls and identity management systems to prevent unauthorized access.
• Knowledge of encryption techniques and protocols to secure data transmission and storage.
• Experience in performing vulnerability assessments and penetration testing to identify and remediate security weaknesses.
• Familiarity with regulatory requirements such as GDPR, HIPAA, ISO 27001, NIS-2 and other relevant data protection laws.
• Understanding of cloud security principles and best practices for securing cloud-based services.
• Ability to implement and manage security incident response procedures and protocols.
• Strong analytical and problem-solving skills to assess security risks and develop effective countermeasures.
• Stay current on emerging cybersecurity threats and trends to proactively address potential risks.
• Sense of urgency of each activity undertaken by the company by assessing the impact over time caused by any potential or actual disruption to this activity on the delivery of products and services.

 Requirements: 

• Bachelor’s degree in computer science, Information Technology, or related field.
• Certified Information Systems Security Professional (CISSP) or similar certification preferred.
• Proven experience in information security, with a focus on company data security.
• Strong knowledge of cybersecurity principles, best practices and regulatory requirements.
• Certified knowledge of English (minimum C1 or IELTS 7.0)

  Personal skill:

• Excellent analytical and problem-solving skills.
• Effective communication skills, with the ability to explain complex security concepts also to non-technical stakeholders.
• Able to work in a multinational environment/company with a matrix approach.
• Strong attention to detail and ability to work independently and collaboratively.

   Place of work: Milan and Rome