Information Security OfficerRomeThis is WorldlineWe are the innovators at the heart of the payments technology industry, shaping how the world pays and gets paid.
The solutions our people build today power the growth of millions of businesses tomorrow.
From your local coffee shop to unicorns and international banks.
From San Francisco to Auckland.
We are in every corner of the world, in every part of commerce.
And just as we help our customers accelerate their business, we are committed to helping our people accelerate their careers.
Together, we shape the evolution.The OpportunityWe are looking for a Risk Security Specialist that ensures appropriate risk mitigation and control processes for security issues, defining and maintaining policies and documentation for the company's security program.
Your principal job will be working with the 1st Line CyberSecurity team to address risks in the organization, conducting risk assessments regularly and reporting the effectiveness of security controls to the management.Day-to-Day ResponsibilitiesMonitoring and participating in the further development of the security governance and internal control system relevant tools, systems, and processesManaging Security Governance (integration, Cyber Risk mitigation approach, Cyber Risk Assessment)Monitoring compliance with local and industry-specific regulations (PCI DSS, ISO27001, DORA, etc.
), and implementation of required measuresConducting periodic audits of internal security controls to validate effectiveness, identify risks, and promote continuous improvementMonitoring and collaborating in internal and external auditsProviding guidance to the 1st line security organizationMonitoring, governing, and validating the security maturity level of key suppliersSupporting the Information Security activities of the Group Security organization for your scopeMonitoring the activities of the 1st Line Security in terms of compliance with security guidanceManaging Security Internal controls: nature, scope, techniques of Security Internal Control System, control typesReporting and monitoring: defining KPI, Board reporting, Internal Committee ReportingDefining and managing Security Governance Framework (data classification, access control, policy formulation, incident response and compliance with legal and regulatory standards)Carrying out assessments, defining gaps, and managing actions regarding regulatory law (DORA, EBA, etc.
)Who Are We Looking ForWe look for big thinkers.
People who can drive positive change, step up and show what's next - people with passion, a can-do attitude, and a hunger to learn and grow.
In practice, this means:Bachelor/Master in IT Security, Engineering, Management Engineering or equivalentMinimum 6 years of experience in Information security, security risk management and/or cyber security, security governanceProven knowledge of relevant security frameworks (ISO27001, PCI,...)Knowledge of the payment industry is a plusCertificate in security (e.g.
CISA, CISM, CRISC, CISSP) is a strong plusExcellent analytical skills with an eye for detailExcellent communication and presentation skills in English both verbally and written (min B2.2)Results driven and persistentMulticultural mindset and flexibility, able to work in an international environmentShould have in-depth knowledge of the regulations of the security sector with particulars regarding the DORA regulation and ICT EBA guidelinesContract Type: PermanentLocation: RomeBrand: Worldline #J-18808-Ljbffr