Ictp Governance

2 settimane fa

Genova, Italia ERG Group A tempo pieno

**Areas of Responsability**:
Ensuring an adequate development and implementation of ICT governance and control processes, in line with ICT Strategy, business plan objectives and ICT recognized best practices and standards.

Main responsibilities:

- Support the Manager in leading the process of defining and regularly updating the ICT plan
- Work with Organization for the definition and regular maintenance of the relevant procedural system in relation to the ICT field, with particular reference to ICT Security and Disaster Recovery procedures
- Manage end-to
- end the Group Information Security Management System
- Act as a trainer and evangelist on ICT governance topics for other ICT and non ICT organizational units
- Support the responsible UO in the definition of physical and logical security measures consistent with the best reference practices and appropriate to the Group's risk profile
- Ensure the definition of rules and guidelines to establish, maintain, monitor and review the system for managing the information security of computer systems
- Support the definition of the ICT security plan
- Support the development of the information systems disaster recovery plan
- Support the Manager and ICT budget owners in all processes related to budget definition, utilization and control
- Manage the internal controls framework with regards to development and operation of the Group's information systems, in coordination with the other areas of Compliance identified in the Group

**Studies**:
University degree in engineering.
*
Work Experience: *
- Experience in managing ISO Compliant ISMS and certification processes
- Experience in drafting technical specifications and tender specifications
- Experience in project management
- Experience in managing suppliers

**Languages**:

- Fluent English
- French and/or German and/or Italian will be considered a plus

**It Skills**:

- Good knowledge ISO27001 & ISO27019 frameworks (auditor certification not required but nice to have)
- Knowledge of listed companies compliance requirements (262 in particular)
- Good system analysis and troubleshooting skills
- Knowledge of the Capex / Opex budget process

Job Reference: ERGG00409