Select how often (in days) to receive an alert: Cybersecurity GRC Consultant City: Roma Location: Roma, IT, 144 Rozzano, IT, 20089 Pescara, IT, 65129 Genova, IT, 16129 Contract Type: Permanent Division: Cyber Security and Management Consulting Level of experience: Intermediate RINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILANwithin the Cyber Security and Management Consulting Division.Mission RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN Key AccountabilitiesThe person will be in charge of: Carry out technical activities such as:Identify security risks within organizations and complex systems/architectures.Design security measures and provide recommendations or suggestions to improve security postures.Verify compliance versus laws, regulations and standards pertaining to security and cybersecurity.Provide support to Customers in cybersecurity related activities.Draft technical/procedural documents related to:IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.
)INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components)Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.
)Maintain and update the RINA cybersecurity guidelines and assessment methodologies.Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).Education Bachelor's Degree in Engineering General Qualifications Requirements: Knowledge of laws, regulations, international standards and best practices (e.g.
ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.).
Engineering academic background.
Strong problem-solving ability.
Excellent verbal and written communication skills - Italian and English as a minimum.
Flexibility and ability to multi-task in a fast-paced atmosphere.
Availability to travel within the Country and abroad.
Desired Requirements: Experience with a wide range of computer systems and security tools.
Security Certifications: e.g.
ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.).
Past experiences in network administration/configuration will be appreciated.
With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors.
Our business model covers the full process of project development, from concept to completion.
The aim is to guarantee a project's technical, environmental and safety - and sometimes also economic and financial - sustainability.At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas.
We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind.
We are also compliant with the Italian Law n. 68/99.
#J-18808-Ljbffr