RINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILAN within the Cyber Security and Management Consulting Division.
Mission RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN
Key Accountabilities The persons will be in charge of:
Carry out technical activities such as: Identify security risks within organizations and complex systems/architectures. Design security measures and provide recommendations or suggestions to improve security postures. Verify compliance versus laws, regulations and standards pertaining security and cybersecurity. Provide support to Customers in cybersecurity related activities. Draft technical/procedural documents related to: IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.) INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC) Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components) Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.) Maintain and update the RINA cybersecurity guidelines and assessment methodologies. Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel). #LI-MM2
Education
Bachelor's Degree in Engineering General Qualifications Requirements:
Knowledge of laws, regulations, international standards and best practices (e.g. ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.). Engineering academic background. Strong problem-solving ability. Excellent verbal and written communication skills - Italian and English as a minimum. Flexibility and ability to multi-task in a fast-paced atmosphere. Availability to travel within the Country and abroad. Desired Requirements:
Experience with a wide range of computer systems and security tools. Security Certifications: e.g. ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP. Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments. Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated. Competencies ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way BUILD NETWORK - Forge trust relationships, across departments, and outside the organization CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction EARN TRUST - Take everyone's opinion into account and remain open to diversity MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions PIONEER CHANGE - Actively embrace change and benefit from the new circumstances PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model THINK FORWARD - Capitalise on experiences and translate them into action plans for the future With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors. Our business model covers the full process of project development, from concept to completion. The aim is to guarantee a project's technical, environmental and safety - and sometimes also economic and financial - sustainability.
At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99.