97 Posti di lavoro per It Risk Management in Italia

Introduzione

Stiamo cercando ragazzi e ragazze che abbiano recentemente concluso il loro percorso di studi in discipline economiche-giuridiche da inserire all’interno dell’Area Chief Risk Officer del Gruppo Intesa Sanpaolo. In particolare, avrete la possibilità di entrare nel team che si occupa di coordinare e gestire le iniziative trasversali all’Area Chief Risk Officer, garantendo un governo centrale delle tematiche legate al Demand Management.

La Risorsa Dovrà Recepire, Analizzare e Garantire, Insieme Al Team, Una Corretta Gestione Dei Dati Inerenti i Processi Di Demand Management Dell’Area Chief Risk Officer, Attraverso La Raccolta e La Gestione Delle Informazioni Utili a Tali Processi. Le Principali Attività Consisteranno In

• Gestire le attività inerenti il processo di formazione e attivazione del budget dell’Area Chief Risk Officer, in particolare per la realizzazione delle iniziative progettuali; nello specifico gestire i dati nelle fasi di richiesta, raccolta, elaborazione, gestione e caricamento a sistema
• Supportare la struttura nella elaborazione e predisposizione della reportistica operativa e direzionale verso i diversi stakeholder coinvolti
• Relazionarsi con molteplici strutture della Banca, interne ed Esterne all’Area Chief Risk Officer, coinvolte nei processi di Demand Management, supportandole nella gestione e nel monitoraggio delle relative attività.

Quali saranno le tue attività

Le Principali Skill Che Acquisirai

• Approfondirai le modalità di gestione del budget dei progetti e la produzione della relativa documentazione e reportistica a supporto
• Conoscenza dei processi di demand management interni alla Banca e degli applicativi utilizzati per l’attivazione e la gestione della spesa
• Imparerai a operare e a gestire relazioni in ambienti complessi, interagendo con colleghi di più unità organizzative, nel rispetto delle scadenze

I nostri valori

La partecipazione è nel DNA di Intesa Sanpaolo, per questo la nostra mission è un patrimonio comune: condividere gli ideali e gli intenti che ci guidano nel nostro lavoro, ogni giorno nei confronti dei nostri interlocutori. Valutiamo il nostro successo in base a quanto riusciamo a investire per creare un sistema economico in cui ognuno sia in grado di esprimere il proprio potenziale.

Requisiti necessari per candidarsi

Qualifiche Richieste

• Laurea in discipline economiche-giuridiche

Competenze Richieste

• Conoscenza avanzata degli strumenti del pacchetto Office 365 in particolare MS Excel
• Conoscenza dei processi contabili di base
• Conoscenza degli ambiti bancari legati al Risk Management
• Buona conoscenza della lingua inglese

Chi siamo

Siamo leader in Italia e uno dei principali gruppi bancari in Europa. Unisciti a noi e fai parte della nostra storia di successo! Con oltre 20 milioni di clienti in Italia e all'estero siamo un vero e proprio motore di crescita sostenibile con un forte impegno per l'ambiente e un impatto tangibile sulla società. Le persone sono al centro, ce ne prendiamo cura impegnandoci nel creare una cultura inclusiva all'interno del Gruppo in cui tutti si sentano protagonisti e valorizzati.

Garantiamo un ambiente inclusivo e di pari opportunità. Considereremo tutti i candidati a prescindere da razza, religione, orientamento sessuale, identità di genere, stato civile, età, disabilità o qualsiasi altra categoria protetta nel rispetto dei D.lgs. 198/2006, 215/03 e 216/03. Per la valutazione delle candidature, i dati saranno utilizzati da Intesa Sanpaolo S.p.A. come Data Controller.

IT & CYBER SECURITY RISK MANAGEMENT SPECIALIST

The Risk Management Department of Allianz S.p.A. is looking for a IT & Cyber Security Risk specialist that will be focusing primarily on Control activities as part of the 2nd Line of Defense function. The ideal candidate will also support and contribute to further strengthening the risk control and governance framework for technology risk management.

Key activities include:

• Review the first line of defense's risk-taking behavior and risk assessments as well as ensure that risk assessments are performed consistently and in-line with the Company's Risk Management Framework
• Challenge constructively the first line of defense on the design and operational effectiveness of technology related controls
• Independently execute ad-hoc risk analyses, thematic/deep dive risk reviews
• Provide review and consultation to risk initiatives, events, incidents, controls and applied risk mitigation strategies
• Oversee compliance with key regulatory requirements by maintaining a regulatory monitoring radar and ensure appropriate treatment of controls and potential gaps
• Provide added value though foresight and consulting the first line regarding its risk behavior
• Prepare periodic reporting to Top Management, Committees, Board of Directors
• Monitor of IT limits as part of Risk Appetite Framework
• Monitor of IT and Cyber Security KRIs
• Assess of IT risks related to third party and IT projects

Key Requirements / Skills / Experience:

• Bachelor's or Master's Degree or equivalent preferably in Information Security, Risk Management, Information Technology, Engineering or an equivalent qualifications
• 2-5 years professional experience in Information Security and Risk Management
• Good knowledge of the DORA (Digital Operational Resilience Act) regulation
• Fluent in Italian and English (written and spoken)
• Good interpersonal and communication skills
• Good knowledge of IT and Cyber security governance topics
• Good knowledge of technologies and emerging risk such as cloud, Generative AI, robotics etc.
• Good working knowledge of Microsoft Office
• Experience with GRC tools (e.g., IBM Open Pages) is a plus

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us.

IT & CYBER SECURITY RISK MANAGEMENT SPECIALIST

The Risk Management Department of Allianz S.p.A. is looking for a IT & Cyber Security Risk Specialist that will be focusing primarily on control activities as part of the 2nd Line of Defense function. The ideal candidate will also support and contribute to further strengthening the risk control and governance framework for technology risk management.

Key activities

• Review the first line of defense’s risk-taking behavior and risk assessments, and ensure that risk assessments are performed consistently and in line with the Company’s Risk Management Framework
• Challenge constructively the first line of defense on the design and operational effectiveness of technology-related controls
• Independently execute ad-hoc risk analyses, thematic/deep-dive risk reviews
• Provide review and consultation to risk initiatives, events, incidents, controls and applied risk mitigation strategies
• Oversee compliance with key regulatory requirements by maintaining a regulatory monitoring radar and ensure appropriate treatment of controls and potential gaps
• Provide added value through foresight and consulting the first line regarding its risk behavior
• Prepare periodic reporting to Top Management, Committees, Board of Directors
• Monitor IT limits as part of the Risk Appetite Framework
• Monitor IT and Cyber Security KRIs
• Assess IT risks related to third parties and IT projects

Key Requirements / Skills / Experience

• Bachelor’s or Master’s Degree or equivalent, preferably in Information Security, Risk Management, Information Technology, Engineering or an equivalent qualification
• 2-5 years professional experience in Information Security and Risk Management
• Good knowledge of the DORA (Digital Operational Resilience Act) regulation
• Fluent in Italian and English (written and spoken)
• Good interpersonal and communication skills
• Good knowledge of IT and Cyber security governance topics
• Good knowledge of technologies and emerging risk such as cloud, Generative AI, robotics etc.
• Good working knowledge of Microsoft Office
• Experience with GRC tools (e.g., IBM Open Pages) is a plus

Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. We welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, social class, disability or sexual orientation, or any other characteristics protected under applicable local laws and regulations. Join us. Let's care for tomorrow. Both genders may apply in accordance with the L. 903/77 (s.m.i).

• Mid-Senior level

• Full-time

• Information Technology

• Financial Services and Insurance

Overview

Junior Recruitment Consultant at ThoughtLabs Belgium

• Security assessments of Information Systems and underlying infrastructure to verify correct implementation of security controls and identify potential vulnerabilities;


• Involved with the following testing techniques: black/grey/white box testing;


• Security audit of system architecture, and, compliance with security policies and industry best practices;


• Participate to the update and planning of security assessment dashboard;


• Analysis and reporting on identified issues and possible issues/improvements proposals.

• Master’s degree in IT or relevant discipline, combined with minimum 5 years of relevant working experience in IT;


• Experience with Applications and Infrastructures Security assessments and penetration testing (White/Grey/Blackbox testing);


• Experience in vulnerability monitoring;


• Knowledge of Burp Suite® tool suite;


• Knowledge of Secure System Architecture Design;


• Experience with DevSecOps and CI/CD would be a strong advantage;


• At least one of the following certificates would be considered a strong advantage: : Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Offensive security certified expert (OSCE), Certified red team operator (CRTO) or equivalent;


• Excellent command of the English language.

• Not Applicable

• Contract

• Information Technology

• IT Services and IT Consulting

We currently have a vacancy for an Information Security Analyst fluent in English, to offer his/her services as an expert who will be based in Ispra, Italy . The work will be carried out either in the company’s premises or on site at customer premises. In the context of the first assignment, the successful candidate will be integrated in the Development team of the company that will closely cooperate with a major client’s IT team on site.

Your tasks

• Security assessments of Information Systems and underlying infrastructure to verify correct implementation of security controls and identify potential vulnerabilities;
• Involved with the following testing techniques: black/grey/white box testing;
• Security audit of system architecture, and, compliance with security policies and industry best practices;
• Participate to the update and planning of security assessment dashboard;
• Analysis and reporting on identified issues and possible issues/improvements proposals.

Requirements

• Master’s degree in IT or relevant discipline, combined with minimum 5 years of relevant working experience in IT;
• Experience with Applications and Infrastructures Security assessments and penetration testing (White/Grey/Blackbox testing);
• Experience in vulnerability monitoring;
• Knowledge of Burp Suite tool suite;
• Knowledge of Secure System Architecture Design;
• Experience with DevSecOps and CI/CD would be a strong advantage;
• At least one of the following certificates would be considered a strong advantage: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Offensive security certified expert (OSCE), Certified red team operator (CRTO) or equivalent;
• Excellent command of the English language.

We offer a competitive remuneration (either on contract basis or remuneration with full benefits package), based on qualifications and experience. All applications will be treated as confidential.

We are committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, disability, sexual orientation, gender identity, or religion.

Overview

La risorsa sarà inserita in ottica di potenziamento del Team Information Security e, in concerto con la struttura, si occuperà principalmente delle seguenti attività:

• Collaborare con il responsabile della struttura Information Security e delle Infrastrutture IT per disegnare e documentare i nuovi processi con particolare attenzione ai requisiti DORA
• Acquisire e documentare processi e procedure esistenti
• Valutazione dei rischi cyber e nella selezione delle azioni di rimedio
• Monitoraggio delle metriche e nelle analisi degli eventi di Sicurezza
• Collaborare con le strutture esterne per le valutazioni di rischio ICT e di Sicurezza
• Organizzare e partecipare alle esercitazioni in ambito Security (inclusi DR, Ransomware, Backup)

Requisiti

• Preferibile laurea in Informatica, Ingegneria Informatica o titoli equipollenti.
• Esperienza di almeno 2 anni in attività inerenti all’Information Security
• Competenze trasversali in Information Security, Cyber Security, Business Continuity e Disaster Recovery
• Capacità di redigere documentazione tecnica anche in inglese
• Comprensione dei rischi informatici e delle azioni di rimedio
• Capacità di disegnare e monitorare processi
• Comprensione delle architetture tecnologiche e dei loro impatti sulla resilienza applicativa
• Conoscenza dei sistemi DLP e Information Protection
• Visione d’insieme, gestione delle obiezioni, entusiasmo e motivazione

Conoscenze tecniche specifiche

• SIEM (preferibilmente Microsoft Sentinel)
• Automatic Inventory (Azure e/o LANSweeper)
• Networking, Information Security, Windows, Linux
• Cloud (preferibilmente Microsoft Azure e/o OCI)
• Gradita conoscenza della normativa DORA
• Microsoft Defender e Microsoft Security
• Strumenti di Monitoraggio (preferibilmente Icinga e/o Azure Monitor)

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

Industries

• IT Services and IT Consulting

Zona: Zone 1 di Milano, Lombardia, Italia

Overview

Information Security Specialist - We are looking for you as Information Security Specialist. In this role you will be part of the global Information Security team, and you will support the strategic and operational implementation of security initiatives across the organization.

• Contribute to defining and implementing the group-wide Information Security strategy and roadmap.
• Ensure alignment with the overall IT strategy and business objectives.
• Collaborate on the setup, operation, and continuous improvement of the Information Security framework.
• Implement and operate the Information Security Management System (ISMS).
• Support and align group-wide compliance initiatives and policy implementation.
• Implement and support monitoring and controlling of Information Security directives at the corporate level.
• Monitor performance against agreed standards and take necessary actions to communicate, advise, and assist based on performance levels.
• Support risk assessments and monitor security trends and legislative developments.
• Support demand evaluation of new projects, act as a Subject Matter Expert.
• Define and implement a harmonized approach to manage customer IT security assessments and external audit requirements.
• Lead or support customer and/or external audits to ensure compliance with IT security requirements.

• Degree in Information Security, Computer Science, or a related field.
• Relevant certifications (e.g., ISO 27001, CISSP, CISM) are a plus.
• Strong English communication skills, both written and verbal.
• Analytical mindset with a structured and proactive approach.
• Solid understanding of ISMS frameworks and security governance.
• Familiarity with compliance standards and regulatory requirements (e.g., GDPR, NIS2).
• Experience with risk management and audit processes.
• Ability to translate technical security topics into business-relevant language.
• Strong collaboration skills to work across departments and with external partners.
• Commitment to continuous learning and staying current with security trends and threats.
• Previous experience in defining security by design guidelines with respect to SDLC processes is a plus.

• Opportunity to grow and develop.
• Being part of a global team.
• A very welcoming, supportive and collaborative team spirit and an open company culture.
• Attractive compensation and working conditions.

Team Spirit is one of our core values. Collaborating across borders, languages and cultures is key to us delivering results. Supporting our peoples growth and development is a top priority. We believe in the creative power of a team that draws strength from welcoming a broad expanse of knowledge, experience and perspectives.

Can you identify with this position and are you looking for a new challenge? Then we are eager to meet you! Please apply online.

#joinoerlikon #joinourteam

#LI-Hybrid

Oerlikon is a global innovation powerhouse for surface engineering, polymer processing and additive manufacturing in key industries such as aerospace, automotive, energy, tooling and textiles. We serve as a key partner in enabling our customers to reach their targets for optimizing the performance, function and sustainability of their products and manufacturing processes. Our solutions reduce emissions in transportation, maximize longevity and performance of tools, increase energy efficiency and advance intelligent material and sustainable polymer processing. These achievements are proven hallmarks of our global leadership.

We at Oerlikon embrace diversity. This is reflected in more than 11,800 employees, representing over 93 nationalities and our presence in more than 38 countries and 207 locations worldwide.

Learn more about Oerlikon:

Information Security Specialist

We are looking for you as Information Security Specialist. In this role you will be part of the global Information Security team, and you will support the strategic and operational implementation of security initiatives across the organization.

• Contribute to defining and implementing the group-wide Information Security strategy and roadmap.
• Ensure alignment with the overall IT strategy and business objectives.
• Collaborate on the setup, operation, and continuous improvement of the Information Security framework.
• Implement and operate the Information Security Management System (ISMS).
• Support and align group-wide compliance initiatives and policy implementation.
• Implement and support monitoring and controlling of Information Security directives at the corporate level.
• Monitor performance against agreed standards and take necessary actions to communicate, advise, and assist based on performance levels.
• Support risk assessments and monitor security trends and legislative developments.
• Support demand evaluation of new project, act as a Subject Matter Expert.
• Define and implement a harmonized approach to manage customer IT security assessments and external audit requirements.
• Lead or support customer and / or external audits to ensure compliance with IT security requirements.

• Degree in Information Security, Computer Science, or a related field.
• Relevant certifications (e.g., ISO 27001, CISSP, CISM) are a plus.
• Strong English communication skills, both written and verbal.
• Analytical mindset with a structured and proactive approach.
• Solid understanding of ISMS frameworks and security governance.
• Familiarity with compliance standards and regulatory requirements (e.g., GDPR, NIS2).
• Experience with risk management and audit processes.
• Ability to translate technical security topics into business-relevant language.
• Strong collaboration skills to work across departments and with external partners.
• Commitment to continuous learning and staying current with security trends and threats.
• Previous experience in defining security by design guidelines with respect to SDLC processes is a plus.

• Opportunity to grow and develop.
• Being part of a global team.
• A very welcoming, supportive and collaborative team spirit and an open company culture.
• Attractive compensation and working conditions.

Team Spirit is one of our core values. Collaborating across borders, languages and cultures is key to us delivering results. Supporting our peoples growth and development is a top priority. We believe in the creative power of a team that draws strength from welcoming a broad expanse of knowledge, experience and perspectives.

Can you identify with this position and are you looking for a new challenge? Then we are eager to meet you! Please apply online.

#joinoerlikon #joinourteam

#LI-Hybrid

We are looking for you as Information Security Specialist. In this role you will be part of the global Information Security team, and you will support the strategic and operational implementation of security initiatives across the organization.

• Contribute to defining and implementing the group-wide Information Security strategy and roadmap.
• Ensure alignment with the overall IT strategy and business objectives.
• Collaborate on the setup, operation, and continuous improvement of the Information Security framework.
• Implement and operate the Information Security Management System (ISMS).
• Support and align group-wide compliance initiatives and policy implementation.
• Implement and support monitoring and controlling of Information Security directives at the corporate level.
• Monitor performance against agreed standards and take necessary actions to communicate, advise, and assist based on performance levels.
• Support risk assessments and monitor security trends and legislative developments.
• Support demand evaluation of new project, act as a Subject Matter Expert.
• Define and implement a harmonized approach to manage customer IT security assessments and external audit requirements.
• Lead or support customer and / or external audits to ensure compliance with IT security requirements.

• Degree in Information Security, Computer Science, or a related field.
• Relevant certifications (e.g., ISO 27001, CISSP, CISM) are a plus.
• Strong English communication skills, both written and verbal.
• Analytical mindset with a structured and proactive approach.
• Solid understanding of ISMS frameworks and security governance.
• Familiarity with compliance standards and regulatory requirements (e.g., GDPR, NIS2).
• Experience with risk management and audit processes.
• Ability to translate technical security topics into business-relevant language.
• Strong collaboration skills to work across departments and with external partners.
• Commitment to continuous learning and staying current with security trends and threats.
• Previous experience in defining security by design guidelines with respect to SDLC processes is a plus.

• Opportunity to grow and develop.
• Being part of a global team.
• A very welcoming, supportive and collaborative team spirit and an open company culture.
• Attractive compensation and working conditions.

Team Spirit is one of our core values. Collaborating across borders, languages and cultures is key to us delivering results. Supporting our peoples growth and development is a top priority. We believe in the creative power of a team that draws strength from welcoming a broad expanse of knowledge, experience and perspectives.

Can you identify with this position and are you looking for a new challenge? Then we are eager to meet you! Please apply online.

#joinoerlikon #joinourteam

#LI-Hybrid