CyberSecurity Risk Engineer

OverviewMSC Mediterranean Shipping Company is a global business engaged in the shipping sector. Present in 155 countries, MSC facilitates international trade between the world’s major economies, and among emerging markets across all continents. Headquartered in Geneva, Switzerland, since 1978, MSC is a privately-owned organisation driven by the Aponte family. Today, we continue to focus on caring for customers, employees and the environment.From a one-vessel operation to a globally respected business we have an unfaltering commitment to people that have passion, creativity and willing to make a change.MSC Technology Italy is the first division located in the national territory, complementing existing offices in Geneva (the Group's headquarters), Warren (New Jersey, USA), and Chennai (India).MSC Technology embodies Passion and a commitment to Continuous Evolution, strongly believing in Equal Opportunities and Caring for its People—ultimately fostering a sense of Family within the Company.With over 3,000 employees, our Technology Department plays a pivotal role in driving business growth and elevating the quality standards across our functional lines.Working within an international office and engaging in cross-country collaboration offers the opportunity to connect with individuals boasting diverse technical skills, backgrounds, cultures, and professional experiences. International travel not only enriches your understanding of business and languages within the ICT realm but also provides avenues for personal and professional growth.In 2020, MSC Technology Italy was established as a technological division of MSC with the goal of creating a Center of Excellence to support the MSC Group's business.Do you recognize yourself? Then come work with us and be part of MSC’s familyResponsibilitiesYou will join the Information Security Risk Management & Compliance team in the Cybersecurity Division, playing a critical role in identifying, assessing, and mitigating risks associated with the company's IT security posture. The ideal candidate will design, implement, and manage security solutions, ensuring the protection of cloud-based assets and compliance with regulatory standards.Develop and enforce security policies, standards, and procedures aligned with GRC requirements.Conduct risk assessments and vulnerability analysis for Azure cloud environments.Assist in the identification and evaluation of potential risks across different scenarios (IT infrastructure, components & systems, Cloud environments, third parties etc.).Ensure compliance with relevant regulations and industry standards.Create and manage governance frameworks for cloud security and compliance.Generate regular reports on risk posture, compliance status, and key performance indicators.Maintain comprehensive documentation of risk assessments, compliance efforts, and audit findings.Support the development and delivery of risk management and compliance training programs for employees.Conduct regular security audits and assessments to identify and mitigate risks.Assist in preparing for and participating in internal and external audits.Assist ensuring that audit findings are addressed promptly and effectively.Work closely with IT, DevOps, and business teams to integrate security practices.Provide guidance and training on security best practices and compliance requirements.Qualifications and experienceAbility to analyze complex data sets and identify trends, patterns, and potential risks.Proficiency in using analytical tools and software for risk assessment.Accuracy and precision in documentation and analysis of risk-related information.Strong ability to spot discrepancies and inconsistencies in compliance data.Clear and effective communication skills, both written and verbal.Capability to convey risk-related information to various stakeholders in a concise and understandable manner.Understanding of relevant industry and sector regulations (TISAX, IMO, NIS2), compliance standards (ISO / IEC 27001, ISO 22301, NIST Cyber Security Framework) and legal requirements (GDPR).Awareness of emerging trends and changes in the compliance and regulatory landscape.Technical requirementsBasic knowledge of Microsoft Azure platform, its components and related configurations and ability to identify potential related security issues.Basic Knowledge of IT OT and IoT Devices.Basic Knowledge of Power BIDevelopment skills on PowerShell scripting, PhytonProven experience with queries languages (e.g. : SQL, KQL)MS Office Products.Fluency in English (oral and written).Bachelor’s degree relevant to Information Technology / Computer Science, Engineering (or equivalent).ISO / IEC 27001 qualification (desirable).Azure Cloud Security Certification (desirable).IT Auditor Certifications (CISA desirable).IT Risk Management Certifications (CISM desirable).ISO 27001 Lead Implementer CertificationsWhat we offerWe offer a range of benefits including new Learning opportunities, a comprehensive Welfare System, Life and Health Insurance, Modern Workstation and Discounts within the MSC group.Moreover, MSC Technology Italy fosters a culture of innovation and wellbeing by simultaneously pursuing various initiatives. These include Meetups, Technical and General Events such as Gaming Tournaments, Company Charity Initiatives and a Sustainability program designed to benefit all employees.Our Company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.#J-18808-Ljbffr