Cyber security GRC Consultant

RINA is currently recruiting for a
Cyber security GRC Consultant
to join its office in
Genova, Rome or Milan
within the
Digital Technology and Cybersecurity
Division.

Mission
We are looking for an experienced
Cybersecurity Engineer
to join and strengthen our technical team.

Key Accountabilities
The selected candidate will be responsible for:

• Identifying security risks in organizations and complex systems/architectures;
• Designing security measures and providing recommendations to improve security posture;
• Ensuring compliance with laws, regulations, and cybersecurity standards;
• Supporting customers in cybersecurity-related activities;
• Drafting technical reports (often in English);
• Maintaining and updating RINA cybersecurity guidelines and assessment methodologies;
• Providing technical support for business development, including drafting proposals and defining services;
• Coordinating junior staff when applicable.

Education
Bachelor's Degree in Computer Science or Information Systems

Qualifications

• At least 3 years of experience in cybersecurity, with proven expertise in GRC topics, GDPR technical aspects, and knowledge of relevant standards/regulations;
• Strong knowledge of laws, regulations, international standards, and best practices (e.g. GDPR, ISO 27000 family, NIST Cybersecurity Framework, NIS Directives, ISA 62443, Common Criteria/ISO 15408, etc.);
• Experience in Governance, Risk & Compliance activities for IT/OT security;
• Ability to identify and analyze information security risks in diverse contexts;
• Excellent problem-solving skills;
• Strong verbal and written communication skills in Italian and English;
• Flexibility and ability to manage multiple tasks in a fast-paced environment;
• Willingness to travel domestically and internationally.

Desired Qualifications:

• One or more recognized security certifications (e.g. ISO 27001 Lead Auditor, ISA 62443, ISACA CISM/CISA/CRISC, ISC² CISSP, Data Protection Officer, etc.);
• Knowledge of security tools and platforms such as:
• Governance Risk Compliance (GRC) platforms.
• Previous experience with security certification processes for Information Security Management Systems (ISO/IEC or IT/OT products (Common Criteria, ISA

Competencies

• ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way
• BUILD NETWORK - Forge trust relationships, across departments, and outside the organization
• CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction
• EARN TRUST - Take everyone's opinion into account and remain open to diversity
• MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint
• MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions
• PIONEER CHANGE - Actively embrace change and benefit from the new circumstances
• PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model
• THINK FORWARD - Capitalise on experiences and translate them into action plans for the future

RINA is a multinational company providing a wide range of services in the energy, marine, certification, infrastructure & mobility, industry, research & development sectors. Our business model covers the full process of project development, from concept to completion.

At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99.