IT Cybersecurity & Compliance Specialist - Industrial

Job description

For a leading Italian industrial group undergoing significant growth and expansion through acquisitions, we are seeking an

IT Cybersecurity & Compliance Specialist

Reporting directly to the Chief Information Officer (CIO), the successful candidate will play a key role in strengthening the organization's cybersecurity framework, contributing to both operational security activities and the broader areas of governance, regulatory compliance, and IT risk management.

The position will be responsible for supporting the development and oversight of the company's cybersecurity ecosystem, ensuring the effective integration of technology, processes, and organizational practices to enhance cyber resilience and regulatory compliance.

Key Responsibilities

• Support cybersecurity operations activities, including incident detection, response, and remediation
• Act as a key point of coordination with external Security Operations Centers (SOC), Network Operations Centers (NOC), and cybersecurity service providers
• Contribute to the definition, implementation, and continuous improvement of cybersecurity policies, procedures, and security standards
• Support compliance initiatives related to NIS2, GDPR, and recognized cybersecurity frameworks
• Participate in audits, vulnerability assessments, security reviews, and remediation programs
• Contribute to the definition of cybersecurity roadmaps, performance metrics, and continuous improvement initiatives aimed at strengthening the organization's security posture
• Support the monitoring and effectiveness of security controls, detection capabilities, and response processes
• Collaborate with business and technology stakeholders to promote cybersecurity awareness and risk mitigation across the organization

Technical RequirementsStrong knowledge of:

• Cybersecurity operations, including SOC, NOC, and Incident Response activities
• Security technologies and platforms, including SIEM, EDR/XDR, and MDR solutions
• Cybersecurity architectures and data protection strategies
• Vulnerability management, threat assessment, and IT risk management methodologies
• Security frameworks and standards, including ISO 27001, NIST, and CIS Controls
• Regulatory requirements and compliance frameworks, particularly NIS2 and GDPR
• Audit management, internal controls, regulatory reporting, and compliance monitoring
• Incident notification and regulatory reporting processes
• Cybersecurity program development and security roadmap definition
• Data-driven security approaches, including security metrics, KPIs, and reporting
• Security investment evaluation, risk exposure assessment, and prioritization methodologies

Candidate Profile

The ideal candidate combines strong cybersecurity expertise with a pragmatic and hands-on approach, demonstrating the ability to balance operational priorities with governance and compliance requirements.Key attributes include:

• autonomy and accountability in managing assigned responsibilities
• ability to operate effectively within dynamic and evolving environments
• strong analytical and problem-solving capabilities
• practical, results-oriented mindset
• effective communication and stakeholder management skills
• ability to coordinate internal teams, external partners, and technology providers

Additional Information

This position offers the opportunity to contribute directly to the evolution of cybersecurity governance and resilience within a growing industrial organization operating in a complex and rapidly changing business environment.

Location: Milan, Italy