Job Responsibilities
You will support De’Longhi Group in the definition and update of the Compliance & Information Cyber Security vision and strategic direction for the organization.
You will join the Legal & Corporate Affairs Department, directly reporting to the Group General Counsel, who is responsible for the organization-wide security and governance, risk, awareness and compliance with industry standards and regulatory requirements.
Main Responsibilities
?Manage and proactively monitoring the internal compliance program to ensure the Group conducts its business in full compliance with applicable laws and regulations as well as accepted business practices and internal policies by leading the associated risks assessment/ mapping and monitoring activities in line with local legislation
?Implement and manage Italian compliance activities ex Legislative Decree 231/2001, with particular reference to monitoring and enforcing the Organization, Management and Control Model
?Support the activities of the Organismo di Vigilanza (Supervisory Body ex Legislative Decree 231/2001), including preparing periodical meetings, documentation and serving as its focal point
?Manage the Privacy Compliance system, provide guidance in relation to data privacy and associated matters and manage the relationship with the DPO (Data Protection Officer)
?Give legal advise to the Group Departement to ensure privacy by design at all levels
?Provide advice where a DPIA has been carried out and monitor its performance, including advising and assisting the Group business function with the carrying out of DPIAs
?Keep abreast of regulatory developments within or outside of the Group as well as evolving best practices in compliance control
?Manage the development, update, implementation and enforcement of information security governance including policies, baselines and procedures
?Identify and recommend appropriate security controls according to internal standards and key industry best practices and ensure that such controls operate as intended
?Conducting risk analysis and developing of corrective action and remediation plans for identified issues, risks, or vulnerabilities
?Support the information & cyber security incident management and escalation processes and procedures
?Support in the cyber security innovation process
?Develop and provide training on compliance related topics, policies or procedures and Cyber Security awareness programs to raise awareness around information security and compliance risks and best practices
Job Profile
Qualifications
?Bachelor’s degree
?Previous experience (10 years or more) in multinational, publicly traded company with a deep understanding of compliance, issues and a strong culture about the compliance requirements
?Expert level knowledge of data seurity and protection rules principles procedures, standard methodologies, and implementation of privacy programs, with particular reference to GDPR
?Expert level knowledge of international standards and best practices in terms of Information & Cyber Security Governance and experience with security practices and solutions
Skills
?Strong working knowledge and experience with risk management methodologies and procedures
?Ability to work on matters of high sensitivity and confidentiality with both professionalism and discretion
?Ability to work collaboratively with a broad range of constituencies and respond to their needs and collaborate effectively towards solutions
?Fluent knowledge of English languages is essential
?Strong sense of commitment
?Reliability
Benefits:
?Hybrid work
?Flexible time and one day-off per month
?Company restaurant
?Technical and soft training