PpLa posizione è aperta all'interno del team di Generali Italia. /ph3Governance steering /h3ulliPerform recurrent meetings with Asset Management Companies to monitor the execution of the ICT Risk management activities /liliConsolidate on a quarterly basis the results of the ICT Risk Management activities at GIH level and report the results to GIH Risk and Control Committee /liliPrepare annual consolidated reporting for GIH Board of Directors on the evolution of the ICT Risk management framework and its operating effectiveness /liliSupport the design, implementation and maintenance of the overall ICT Risk Management Framework /liliCoordinate the Local CRO of newly acquired Group Asset Manager for the implementation of the ICT Risk framework /li /ulh3ICT Risk Management /h3ulliIdentifying and updating ICT Cyber risk events related to business area managed /liliReviewing ICT Cyber risk Scenarios based on its peculiarities /liliExecute quantitative and qualitative risk methodologies /liliPerforming the economic quantification of ICT and Security Major incidents to evaluate DORA relevance /liliSetting of ICT Risk Appetite Framework together with CISO and COO /liliAnalyzing of Operative risk tolerances quarterly evidence monitoring collected and defined mitigation actions /liliOverseeing escalation process in case of hard limits breach and formalizing detailed risk evaluation /liliReviewing reports and evidence shared by IT and Security functions (e.G., Backup and restore reports, Vulnerability assessments) /liliFormalizing executive reporting providing update on ICT Risk Management Framework risk evidence and key enhancements /liliFormalizing and annual Reviewing ICT Cyber Risk reports (e.G., ICT Cyber Risk Report and IT Booklet) /li /ulh3Educational Qualifications /h3ulliBachelor's degree in Computer Science, Information Technology (or equivalent experience) /li /ulh3Professional Experience /h3ulliUnderstanding of ICT and cyber security risks and the ability to develop and execute effective testing strategies with a good understanding of regulatory compliance requirements for the Financial Markets and Asset Management Industry /liliAt least 5 years of relevant experience within information security or cyber risk management /li /ulh3Technical Skills /h3ulliExperience with ICT risk management methodologies (e.G. ISO, COBIT, NIST) /liliExperience with relevant regulation (e.G. GDPR, DORA) /liliKnowledge of statistical analysis and financial modeling /li /ulh3Skills /h3ulliStrong analytical thinking and problem-solving abilities /liliExcellent creative, analytical and computer skills with an entrepreneurial approach to large, complex, projects /liliSuperior communication (written and verbal) and presentation skills (Executive level) /liliExcellent interpersonal skills with proven ability to build relations with internal and external functions /liliResilient, highly responsive and proactive, ability to successfully execute multiple projects and meet deadlines (effective prioritization of workload) /liliWell organized with the ability to manage several priorities with a hands‑on approach /liliAbility to work independently and as part of a team /liliFlexibility to work with colleagues and stakeholders in an international team, operating across different countries and time zones /liliEnjoys a fast‑paced, high‑intensity and complex environment, troubleshooting time‑critical issues and working with people /liliStrong attention to detail; willing to take proactive action and desire to roll up sleeves /liliFluent English, any other languages are a plus /liliAvailability for business trips /li /ul /p #J-18808-Ljbffr