Cyber security GRC Consultant

Join to apply for the Cyber security GRC Consultant role at RINA RINA is currently recruiting for a Cyber security GRC Consultant to join its office in Genova, Rome or Milan within the Digital Technology and Cybersecurity Division. Mission We are looking for an experienced Cybersecurity Engineer to join and strengthen our technical team. Key Accountabilities Identifying security risks in organizations and complex systems/architectures Designing security measures and providing recommendations to improve security posture Ensuring compliance with laws, regulations, and cybersecurity standards Supporting customers in cybersecurity-related activities Drafting technical reports (often in English) Maintaining and updating RINA cybersecurity guidelines and assessment methodologies Providing technical support for business development, including drafting proposals and defining services Coordinating junior staff when applicable Education Bachelor’s Degree in Computer Science or Information Systems Qualifications At least 3 years of experience in cybersecurity, with proven expertise in GRC topics, GDPR technical aspects, and knowledge of relevant standards/regulations Strong knowledge of laws, regulations, international standards, and best practices (e.g. GDPR, ISO 27000 family, NIST Cybersecurity Framework, NIS Directives, ISA 62443, Common Criteria/ISO 15408, etc.) Experience in Governance, Risk & Compliance activities for IT/OT security Ability to identify and analyze information security risks in diverse contexts Excellent problem‑solving skills Strong verbal and written communication skills in Italian and English Flexibility and ability to manage multiple tasks in a fast‑paced environment Willingness to travel domestically and internationally Desired Qualifications One or more recognized security certifications (e.g. ISO 27001 Lead Auditor, ISA 62443, ISACA CISM/CISA/CRISC, ISC² CISSP, Data Protection Officer, etc.) Knowledge of security tools and platforms such as Governance Risk Compliance (GRC) platforms Previous experience with security certification processes for Information Security Management Systems (ISO/IEC 27001) or IT/OT products (Common Criteria, ISA 62443) Competencies ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way BUILD NETWORK - Forge trust relationships, across departments, and outside the organization CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction EARN TRUST - Take everyone's opinion into account and remain open to diversity MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions PIONEER CHANGE - Actively embrace change and benefit from the new circumstances PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model THINK FORWARD - Capitalise on experiences and translate them into action plans for the future At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99. Seniority level Associate Employment type Full-time Job function Information Technology Industries Mechanical Or Industrial Engineering, Environmental Services, and Information Technology & Services #J-18808-Ljbffr