Indirizzo
Forma di lavoroRINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILAN within the Cyber Security and Management Consulting Division.
Mission
RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN
Key Accountabilities
The persons will be in charge of:
- Carry out technical activities such as:
- Identify security risks within organizations and complex systems/architectures.
- Design security measures and provide recommendations or suggestions to improve security postures.
- Verify compliance versus laws, regulations and standards pertaining security and cybersecurity.
- Provide support to Customers in cybersecurity related activities.
- Draft technical/procedural documents related to:
- IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.)
- INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)
- Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components)
- Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.)
- Maintain and update the RINA cybersecurity guidelines and assessment methodologies.
- Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).
#LI-MM2
Education
Qualifications
Requirements:
- Knowledge of laws, regulations, international standards and best practices (e.g. ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.).
- Engineering academic background.
- Strong problem-solving ability.
- Excellent verbal and written communication skills - Italian and English as a minimum.
- Flexibility and ability to multi-task in a fast-paced atmosphere.
- Availability to travel within the Country and abroad.
Desired Requirements:
- Experience with a wide range of computer systems and security tools.
- Security Certifications: e.g. ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
- Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
- Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated.
Competencies
- ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way
- BUILD NETWORK - Forge trust relationships, across departments, and outside the organization
- CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction
- EARN TRUST - Take everyone's opinion into account and remain open to diversity
- MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint
- MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions
- PIONEER CHANGE - Actively embrace change and benefit from the new circumstances
- PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model
- THINK FORWARD - Capitalise on experiences and translate them into action plans for the future
With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors. Our business model covers the full process of project development, from concept to completion. The aim is to guarantee a project’s technical, environmental and safety - and sometimes also economic and financial - sustainability.
At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99.
