We are looking for a Cyber Security Specialist for Cybersecurity Governance – GRC activities for an important client in the public transport sector. You will be in charge of governance and compliance with the relevant NIST and ISO standards.
Key requirements:
- At least 3/5 years’ experience in the Cybersecurity field;
- Bachelor’s or Master’s degree in Computer Science, Computer Engineering or another STEM field.
For the first phase of the project, the following are required:
- Experience in GRC (Governance, Risk and Compliance);
- Experience carrying out IT audits independently;
- Thorough knowledge of the ISO 27001 standard;
- Knowledge of GDPR;
- Knowledge of Business Continuity (ISO 22301) and Disaster Recovery;
- Ability to independently develop and write documentation regarding compliance with the ISO 27001 standard;
- Ability to support the design of security solutions for applications, infrastructure and industrial control systems;
- Ability to perform practical VA and PT activities (preferred but not mandatory).
Second phase of the project:
- Technical and technological assessment and management of IT security incidents and typical SOC technical and managerial escalation procedures;
- Ability to interpret and assess security incidents from the analysis of logs of systems, networks and perimeter security systems;
- Ability to restore systems in the event of a disaster (systems and networks);
- Technical and technological evaluation and management of security hardening techniques for networks, complex systems and perimeter security equipment (firewalls);
- Knowledge of the main security systems paradigms (Active Directory, RADIUS, firewalling, NAT/PAT, proxy and reverse proxy, antivirus, SIEM, log manager, authentication systems, EDR, XDR). In particular, knowledge of Check Point and Fortinet firewall systems and of the ManageEngine Log360 SIEM is appreciated;
- Strong technical system skills proven by having technically managed and maintained ICT and/or OT infrastructures.
Location: Rome (hybrid)