The position is open within the Generali Italia team.
Governance & steering
* Perform recurrent meetings with Asset Management Companies to monitor the execution of the ICT Risk management activities
* Consolidate on a quarterly basis the results of the ICT Risk Management activities at GIH level and report the results to GIH Risk and Control Committee
* Prepare annual consolidated reporting for GIH Board of Directors on the evolution of the ICT Risk management framework and its operating effectiveness
* Support the design, implementation and maintenance of the overall ICT Risk Management Framework
* Coordinate the Local CRO of newly acquired Group Asset Manager for the implementation of the ICT Risk framework
ICT Risk Management
* Identifying and updating ICT & Cyber risk events related to the business area managed
* Reviewing ICT & Cyber risk Scenarios based on its peculiarities
* Execute quantitative and qualitative risk methodologies
* Performing the economic quantification of ICT and Security Major incidents to evaluate DORA relevance
* Setting of ICT Risk Appetite Framework together with CISO and COO
* Analyzing the quarterly monitoring evidence collected on Operative risk tolerances and the defined mitigation actions
* Overseeing escalation process in case of hard limits breach and formalizing detailed risk evaluation
* Reviewing reports and evidence shared by IT and Security functions (e.g., Backup and restore reports, Vulnerability assessments)
* Formalizing executive reporting providing updates on ICT Risk Management Framework risk evidence and key enhancements
* Formalizing and annually reviewing ICT & Cyber Risk reports (e.g., ICT & Cyber Risk Report and IT Booklet)
Educational Qualifications
* Bachelor's degree in Computer Science, Information Technology (or equivalent experience)
Professional Experience
* Understanding of ICT and cyber security risks and the ability to develop and execute effective testing strategies with a good understanding of regulatory compliance requirements for the Financial Markets and Asset Management Industry
* At least 5 years of relevant experience within information security or cyber risk management
Technical Skills
* Experience with ICT risk management methodologies (e.g. ISO, COBIT, NIST)
* Experience with relevant regulation (e.g. GDPR, DORA)
* Knowledge of statistical analysis and financial modeling
Skills
* Strong analytical thinking and problem-solving abilities
* Excellent creative, analytical and computer skills with an entrepreneurial approach to large, complex projects
* Superior communication (written and verbal) and presentation skills (Executive level)
* Excellent interpersonal skills with proven ability to build relations with internal and external functions
* Resilient, highly responsive and proactive, ability to successfully execute multiple projects and meet deadlines (effective prioritization of workload)
* Well organized with the ability to manage several priorities with a hands‑on approach
* Ability to work independently and as part of a team
* Flexibility to work with colleagues and stakeholders in an international team, operating across different countries and time zones
* Enjoys a fast‑paced, high‑intensity and complex environment, troubleshooting time‑critical issues and working with people
* Strong attention to detail; willing to take proactive action and desire to roll up sleeves
* Fluent English, any other languages are a plus
* Availability for business trips