Information Security Officer Rome This is Worldline We are the innovators at the heart of the payments technology industry, shaping how the world pays and gets paid. The solutions our people build today power the growth of millions of businesses tomorrow. From your local coffee shop to unicorns and international banks. From San Francisco to Auckland. We are in every corner of the world, in every part of commerce. And just as we help our customers accelerate their business, we are committed to helping our people accelerate their careers. Together, we shape the evolution. The Opportunity We are looking for a Risk Security Specialist that ensures appropriate risk mitigation and control processes for security issues, defining and maintaining policies and documentation for the company's security program. Your principal job will be working with the 1st Line CyberSecurity team to address risks in the organization, conducting risk assessments regularly and reporting the effectiveness of security controls to the management. Day-to-Day Responsibilities Monitoring and participating in the further development of the security governance and internal control system relevant tools, systems, and processes Managing Security Governance (integration, Cyber Risk mitigation approach, Cyber Risk Assessment) Monitoring compliance with local and industry-specific regulations (PCI DSS, ISO27001, DORA, etc.), and implementation of required measures Conducting periodic audits of internal security controls to validate effectiveness, identify risks, and promote continuous improvement Monitoring and collaborating in internal and external audits Providing guidance to the 1st line security organization Monitoring, governing, and validating the security maturity level of key suppliers Supporting the Information Security activities of the Group Security organization for your scope Monitoring the activities of the 1st Line Security in terms of compliance with security guidance Managing Security Internal controls: nature, scope, techniques of Security Internal Control System, control types Reporting and monitoring: defining KPI, Board reporting, Internal Committee Reporting Defining and managing Security Governance Framework (data classification, access control, policy formulation, incident response and compliance with legal and regulatory standards) Carrying out assessments, defining gaps, and managing actions regarding regulatory law (DORA, EBA, etc.) Who Are We Looking For We look for big thinkers. People who can drive positive change, step up and show what's next - people with passion, a can-do attitude, and a hunger to learn and grow. In practice, this means: Bachelor/Master in IT Security, Engineering, Management Engineering or equivalent Minimum 6 years of experience in Information security, security risk management and/or cyber security, security governance Proven knowledge of relevant security frameworks (ISO27001, PCI,) Knowledge of the payment industry is a plus Certificate in security (e.g. CISA, CISM, CRISC, CISSP) is a strong plus Excellent analytical skills with an eye for detail Excellent communication and presentation skills in English both verbally and written (min B2.2) Results driven and persistent Multicultural mindset and flexibility, able to work in an international environment Should have in-depth knowledge of the regulations of the security sector with particulars regarding the DORA regulation and ICT EBA guidelines Contract Type: Permanent Location: Rome Brand: Worldline J-18808-Ljbffr