Description
Our client in Italy is looking for a Cyber Security Consultant to join their team in Milan.
Scope of business
The person will have to attend to her/his work in the analysis of the IT service risk of a major Italian public customer in order to renew the international ISO 27001.
It is a customer with a significant degree of maturity that has developed its own methodology based on ISO 27005 standards and with respect to the .
Responsibility
The person with the role of team/stream-leader will be occupied approximately full time within the project team for an IT Security service provided on the basis of a multi-year contract. He/She will report to the head of advisory services. He/She will regularly come into contact with representatives of the customer even higher level and will lend his work at the customer's premises in Milan.
In the course of his/her work will have to analyse the business processes of the customer to identify the relevant security risks and to ensure their timely evaluation by drafting reports and comprehensive to share and approval.
It will also proactively identify and inventive treatment options appropriate risk and define their recovery plans in terms of time-cost activities. The level of analysis will be at the level of process of application services and supporting infrastructure (eg DB).
Tenure: 15 April -15 December 2017
Requirements
Possibly degree at least three years in technical/mathematical disciplines.
At least 5 years (preferably more than 7) experience in Information Security Risk Management and Governance Risk & Compliance.
Excellent skills and proven experience in carrying out Risk Analysis ICT gained at large companies, public and private.
Ability to get in touch and communicate effectively with representatives of both managerial level (top management) is operational (service managers and technical representatives)
Experience and expertise in the definition of information security policies and procedures with an excellent knowledge of ISO 27001 and 27002, ISO 27005
Knowledge of regulatory requirements in the field of information security for the different contexts, in particular the excellent knowledge GDPR and formalities required
Ability to coordinate a group of people with different roles and responsibilities assigned to a sub-area of the project (stream), acting as a team-leader in that area and working to targets with respect of time and cost.
Request ISO 27001 certification
Has one or more certifications between CRISC, CISM, CISA