Cybersecurity Risk

Cybersecurity Risk & Governance Expertrole atFerreroReporting professionally to the Cyber Risk & Governance Manager, the Cybersecurity Risk & Governance Expert is responsible for ensuring or supporting compliance with cybersecurity legislations, applicable standards, and internal governance frameworks.This role involves performing Cyber Risk Assessments and Third-Party Cybersecurity Assessments to evaluate applications, infrastructures, and suppliers when required.Additionally, the position oversees the maintenance and evolution of the Cybersecurity Governance Framework, ensuring alignment with global laws, regulations, and standards across all countries where Ferrero operates.This role will be based in ourAlbaoffices, with the possibility of working remotely up to two days per week.Main ResponsibilitiesYou will be part of theEurope Hub , managing requests and needs originating from the area while planning activities and resources toensure continuous improvement of the cybersecurity posture .Maintaining awareness of global cybersecurity regulatory frameworks and standardswill be key to ensuring Ferrero's compliance with requirements, whilecreating and delivering end-to-end compliance strategies and plansto guarantee long-term adherence to frameworks, regulations, and best practices.In addition, you willlead the tracking and delivery of compliance activities , keeping accurate records of evidence, remediation actions, and reporting to business stakeholders and regulators as needed.Beyond compliance, you willconduct Third-Party Cybersecurity Assessmentsand contribute to improving methodologies for evaluating supplier maturity and risk exposure.Your role will also includesupporting the definition and maintenance of cybersecurity policies and procedures , ensuring alignment with Ferrero's environment and industry-leading practices.You willintegrate cybersecurity risk and compliance aspects into other Group processes effectively .Finally, you willperform cybersecurity risk assessmentsto confirm or update risk levels of applications and infrastructures andcollaborate with internal stakeholdersto retrieve and present information necessary for compliance and audits.About YouBringing solid expertise in cybersecurity risk and governance, you have at least 4 years of experience in similar roles within a multinational environment or in cybersecurity consultancy.Your background includes assessing compliance against recognized frameworks and regulations, defining and maintaining governance models, and managing risk through audits and evaluations of IT and cybersecurity controls for applications, infrastructures, and third parties.You hold a degree in Computer Science, Engineering, or a related technical field, and ideally a master's degree in Cybersecurity, Compliance, or Information Security.Your knowledge includes cybersecurity laws and regulations such as NIS2 and the EU AI Act, as well as international standards and frameworks like ISO*****, NIST, COBIT, ITIL, and PCI DSS.Familiarity with risk management methodologies and control evaluation processes is essential.You combine analytical thinking and problem-solving skills with the ability to communicate effectively in complex business contexts.Proficiency inEnglishis essential for this role.Our Benefits & PerksCareers with caring built in – discover our benefits here.About FerreroFerrero began its journey in the small town ofAlba in Piedmont, Italyin ****.Today, it is one of the world's largest sweet-packaged food companies, with many iconic brands sold in countries all over the world.Find out more about Ferrero at ferrero.com.DE&I at FerreroFerrero is committed to building a diverse and inclusive culture in which all employees feel welcomed and appreciated and have the same opportunities.We believe all our people are equally talented in their own way.In nurturing the curiosity and natural abilities of our employees, we provide them, generation after generation, the means to succeed personally and professionally, enabling them to craft their journey at Ferrero.The diversity of our talents is what makes our work environment multicultural, innovative, and highly rewarding.Seniority levelMid-Senior levelEmployment typeFull-timeJob functionEngineering and Information TechnologyIndustriesManufacturing#J-*****-Ljbffr