Cybersecurity GRC Consultant

Social network you want to login/join with:

RINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILAN within the Cyber Security and Management Consulting Division.

Mission

RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN.

Key Accountabilities

The person will be in charge of:

• Carry out technical activities such as:
• Identify security risks within organizations and complex systems/architectures.
• Design security measures and provide recommendations or suggestions to improve security postures.
• Verify compliance versus laws, regulations and standards pertaining to security and cybersecurity.
• Provide support to Customers in cybersecurity related activities.
• Draft technical/procedural documents related to:
• IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.)
• INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)
• Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components)
• Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.)
• Maintain and update the RINA cybersecurity guidelines and assessment methodologies.
• Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).

Education

Bachelor’s Degree in Engineering General.

Qualifications

Requirements:

• Knowledge of laws, regulations, international standards and best practices (e.g. ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO15408, ISO21434, etc.).
• Engineering academic background.
• Strong problem-solving ability.
• Excellent verbal and written communication skills - Italian and English as a minimum.
• Flexibility and ability to multi-task in a fast-paced atmosphere.
• Availability to travel within the Country and abroad.

Desired Requirements:

• Experience with a wide range of computer systems and security tools.
• Security Certifications: e.g. ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
• Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
• Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated.

Competencies

• ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way.
• BUILD NETWORK - Forge trust relationships, across departments, and outside the organization.
• CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction.
• EARN TRUST - Take everyone's opinion into account and remain open to diversity.
• MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraint.
• MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions.
• PIONEER CHANGE - Actively embrace change and benefit from the new circumstances.
• PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model.
• THINK FORWARD - Capitalise on experiences and translate them into action plans for the future.

With over 5,600 employees and 200 offices in 70 countries worldwide, RINA is a multinational player which provides certification, marine classification, product testing, site supervision and vendor inspection, training and engineering consultancy services across a wide range of sectors. Our business model covers the full process of project development, from concept to completion. The aim is to guarantee a project’s technical, environmental and safety - and sometimes also economic and financial - sustainability.

At RINA, we endeavor to create a work environment where every single person is valued and encouraged to develop new ideas. We provide equal employment opportunities and are committed to creating a workplace where everyone feels respected and safe from discrimination or harassment of any kind. We are also compliant to the Italian Law n. 68/99.