Generali is a major player in the global insurance industry a strategic and highly important sector for the growth, development and welfare of modern societies.
Within the Group IT Security Governance area we are looking for a IT Security Governance Specialist.The IT Security Governance Specialist, part of the IT Security Governance unit, supports group cyber security strategy oversight through the monitoring of the implementation of the Security initiatives, projects and programs necessary to improve the security posture of the Group, in line with the organizations risk appetite. In addition he/she will support the definition and implementation of the security organization,



of the security strategy and of security regulation at Group level. The role complements its task with the coordination and monitoring of ICT strategy definition and implementation monitoring as well as the Cloud Policy definition and monitoring. Finally, he/she will coordinate and support the Group companies in the implementation of the Group Outsourcing Policy and the continuous maintenance of the Outsourcing Policy and its implementation in Assicurazioni Generali SpA.
Key responsibilities of the role will include:
Defines the Group cyber security strategy and regulation (policies, guidelines) related to IT/Cyber Security
Establishes adequate security organization at Group level
Coordinate, support and monitor the status of implementation of Group strategy and regulation at local level
Support and monitor the status of implementation of Group strategy and regulation at local level preparing periodic executive reports and KPI reports
Establish and maintain a strong Project Portfolio Management tool, as well as monitor the progress, issues, risks and costs of the security initiatives
Manage security checks and compliance with regulation about security
Manage security maturity assessments,



based on leading information security standard (NIST Framework), at Grouplevel in order to evaluate maturity levels
Ensure adoption of security measures in new solutions according to the security by design principle
Ensure adequate alignment at Group level about security activity
Monitors changes on the security landscape in terms of emerging risks, regulatory compliance, new technologies and cross industry/national cyber security initiatives
Defines and develops Group Regulation for management of Business Continuity and IT Disaster Recovery, Outsourcing and Cloud, supervises the implementation at Group level and in Assicurazioni Generali SpA
Supports the definition of the ICT strategy plan and its implementation monitoring
The role implies frequent contacts at an international level with Generali Group companies in the different countries and regions where the Group operates.
Must have




2-3 years of experience in IT/Cyber Security in international group or major consulting firms; specific experience in financial services industry would be a plus
Degree-level education (Engineering, Computer Science or equivalent)
Extensive experience on information security governance, IT risk management, regulatory compliance ( GDPR) and audit procedures
Basic technical knowledge and experience on security technologies (like Endpoint protection, Mobile Security, Data Protection, Cloud Security, etc.) and on cyber security capabilities (SIEM, SOC, CERT, Vulnerability Management, Threat intelligence etc.)
Experience as project manager
Strong knowledge of main Information Security standards and framework (ISO27001, ISO22301, ISF, NIST, COBIT etc.
Soft skills
Ability to work in large international security projects
Advanced problem solving, analytical and communication skills
Demonstrated ability to work effectively as part of a team
Additional Information Contract Type:
Permanent