Intesa Sanpaolo is the leading banking group in Italy. Serving more than 11.1 million retail customers through a network of 4400 branches, it significantly supports the development of companies and provides important support for the country's growth.
The Group has a selected retail banking presence in Central and Eastern Europe, the Middle East and North Africa, with approximately 1,200 branches and 7.8 million customers in 12 countries. Intesa Sanpaolo is also present in 29 countries in support of its corporate customers’ cross-border business.
It is looking for new qualified profiles who want to take on a demanding and challenging career path, with the following requirements:
Scope and Purpose
Monitoring the overall security of the Bank, and supporting the implementation of the tools and instruments needed to maintain an adequate level of security of the IT systems.
Drawing up business continuity guidelines, rules and methodologies, checking and monitoring their conformity with the established laws and regulations.
Supports the Head of the department in monitoring Cybersecurity policies / operations and managing relevant risks related to Cybersecurity and Information Security (ordinary activity)
Develop and enhance an information security management framework, by ensuring the update of the Cyber Security controls model
Partner with business stakeholders across the company to raise awareness of risk management concerns
Participates in risks analysis on the infrastructure (review and update of data classification) and bank's projects and maintains an IT security map
Periodically review user credentials and profiles of systems and applications
Assist with overall business technology planning, providing current knowledge and a future vision of technology and systems, and lead and conduct controls related to the security of information systems
Reports potential security breaches and incidents, and follows up on their resolution
Participates in raising awareness among bank employees of the risks related to information security and ensures a 'security watch' on threats and vulnerabilities, and on related evolution
Assist in the definition / review and adopt solutions for managing local frauds through their entire life cycle as defined by HO policies and local regulations
Coordinate the execution of vulnerability assessments and penetration tests and monitor the remediation plans
Monitor and manage information security for services provided by third parties ensuring controls and proper formalization of the security requirements within the contract
Support local IT Functions to properly address security requirements even during the process of developing / buying local IT solutions
Define and coordinate local IT Security projects to implement / enhance Cybersecurity measures, in compliance with Head Office requirements
Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
Respond to and act as the contact point for the supervisory authority, and maintain relationships with European regulators, especially the CNPD in Luxembourg
Supporting the administration and advising on the disposition of data protection impact assessments and delivering training on data protection and policy matters so as to complement and enhance the global privacy training
Advises on the bank's compliance with GDPR and local data protection laws, monitors adherence to GDPR standards
Delivers GDPR training to the bank's staff to increase awareness of data protection measures and facilitates GDPR compliance through transparent data protection policies, systems and procedures
Identifies and evaluates the bank's data processing activities and provides advice and instructions on how to conduct Data Protection Impact Assessments (DPIAs)
Liaises with other organizations that process data on behalf of the bank
Ensure periodic reports on the Cybersecurity posture to the Bank Top Management and to Cybersecurity and Business Continuity Management HO
Adapt the local annual Security Awareness & training program to the branch-specific requirements and execute it
Periodic update of the local Cybersecurity Controls model in line with local and Head Office requirements
Monitor threats, analyze the internal and external context locally and in collaboration with Cybersecurity and Business Continuity Mgmt HO
Ensure security incidents / critical events detection / handling / monitoring / reporting locally and in collaboration with Cybersecurity and Business Continuity Management HO
University degree in Information Security / Technology or related disciplines. Additional professional qualifications would be considered an asset.
At least 7-10 years of professional experience in Information Security / Network / Telecommunications, preferably in a financial institution
In-depth knowledge of regulatory requirements in the field of information technologies and specifically with regard to the financial sector (NIST, ISO 27K)
SOC services
Identity and Security Profile Management
SIEM management
Splunk
Provisioning and SSO, strong authentication, LDAP directories, IaaS solutions, Incident analysis tools
Well-developed IT skills with specific knowledge of new technologies and encryption
Skills using database systems (e.g. MySQL)
Excellent troubleshooting skills
"Can do" attitude and self-starter
Excellent communication skills and team spirit
Excellent analytical sense and coordination skills, with priority-setting abilities
Ability to compile comprehensive and concise product evaluations
Proactive approach and ability to work independently with minimal supervision
Fluency in English and French; Italian language is considered as an asset
Everyone is an asset for our Group and that person could be you! Check out our job opportunities, apply and join our team!