Information Security Consultant

• International career project
• Attractive salary package

Multinational company from IT & Telecoms industry

As a Security Consultant, you must guarantee the confidentiality, integrity and availability of the company's ICT information, data and services.

The position is based on the identification of the company's assets (including information assets), followed by the development, documentation and implementation of the policy and procedures for the protection of said assets.

The person in charge will focus more on the prevention aspects than the detection and response process, collecting lessons and recommendations learned from past and recurring incidents.

• Contribute to the development of the Organization's cyber defence and information security strategies


• Drafting of information security policies, standards and guidelines


• Define, design and maintain a solid information security management system (ISMS)


• Manage security processes and ensure the production of the ISMS records necessary to obtain or maintain certification


• Perform risk assessments and analysis to identify threats, categorize assets, and rate system vulnerabilities so they can


• Implement effective controls


• Contribute to the integration of IT security throughout the project life cycle for the development of IT services and systems / products / solutions (security by design model)


• Prepare security plans and security operating procedures


• Manage information security risks and system certification / accreditation


• Identify threats and evaluate the effectiveness of existing controls to face those threats


• Inspect and ensure that the principles and rules for information security are applied


• Provide guidance on information security


• Plan, prepare, and document releases and maintenance activities (such as software patches and updates) that are necessary to keep the system operating under optimized safety conditions


• Evaluate compliance with the deliverables related to identity and access management for projects and activities, which should take place in the context of the safety acceptance and security testing processes

• Career development


• Growing multinational company (+5.000 employees +25 countries)


• Getting involved in a major European Cyber Security project

• Bachelor's degree in Computer Science or a related field


• CISSP-ISSMP ((ISC)2 Certified Information Systems Security Management Professional)
  GIAC Certified ISO-27000 Specialist or an equivalent certification recognized internationally Experience of at least 5 years in a similar position.


• EBIOS, CRAMM, PILAR or equivalent


• Availability to move to northern Italy


• English (B2 mandatory, C1 desired), Italian (it will be a plus)

• NIST SP-800 Series


• ISO2700X


• ISO 27001 Implementation


• ISO 27001 Auditing


• Service Management (ITIL)


• Project Management (PMI, PRINCE)


• Security management and governance (COBIT)