Digital Risk Analyst
1 settimana fa
**Contract type**: Permanent
**Salary** based on experience
Workplace: 20851 Lissone MB, Italia, smart working 2gg/settimana
For a **Sporting Goods Retailer** based in Italy we are looking for a:
**DIGITAL RISK ANALYST**
The **Information Security** vision aims to build trust and provide Security & Compliance assurance and confidence to customers.
Technology (Digital) Italian team is fully aligned with the global corporate effort to improve cybersecurity at all levels: acting locally as part of a global network, we are part of a **Shared Responsibility model** crafted in the defined Group Information Security Policy.
Today our country's cybersecurity capabilities are primarily inside the **Network and Security team**; the 2023 organization will evolve to reinforce these capabilities by having dedicated resources to Cybersecurity.
The Digital Risk Analysts **will report directly to the IT Country Leader.**
As **Digital Risk Analyst - Local Security Responsible **you will act at country scale
- Leading risk analysis interviews on local IT assets and solutions;
- Reporting on identified risks;
- Identify and define action plans to reduce security risks;
- Managing security projects (large or complex assessment, coordination of other people (analyst, PO, tech, etc), follow-up actions
plan, local deployments for corp security solutions)
You’ ll play also the role of **Local Security Officer**
- Implementing the Group Information Security Policy and associated specific policies in your country perimeter (taking part of the global Information Security governance led by our group CISO).
- Contributing to provide visibility on country cybersecurity status by collecting, monitoring, animating relevant KPI.
- Contributing to actively monitor the regulatory and security context, with particular focus on local regulations.
**QUALITIES**:
- Sporty
- Good at communicating with all stakeholders (peers review, clear and efficient communication, reporting).
- Well organized and planned.
- Passionate about technical innovations and continuous learning.
**REQUIREMENTS**:
**Must have**:
- Higher education in IT or business school.
- At least 1-2 years experience in a position focused on the analysis and management of Information System security risks.
- Familiar with IS risk frameworks (ex. ISO 2700X), IS risk analysis process, IS risk analysis tooling.
- Ability to deliver clear and detailed reporting on evaluated risks and associated security controls.
- Ability to define the actions plan to reduce the risks taking into account weighing cost and value in decision making.
- Fluent in English, both orally and in writing (it’s mandatory in order to communicate and collaborate with international tech teams and
other countries' representatives)
- **Nice to have**:
- Familiar with working in matrix environments
- Familiar with NIST Cybersecurity framework
LI-Hybrid
