Company profile
IDV is a leading company in the design and manufacturing of vehicles for the defense sector.
The company's operational site is located in Piacenza, while the headquarter is in Bolzano.
Role Introduction
The Cybersecurity Governance Manager is responsible for the R155 CSMS within the Company and oversees product cybersecurity processes to ensure compliance with cybersecurity regulations and standards.
He/She has a strong background in automotive cybersecurity, with solid knowledge of UNECE R155, ISO/SAE 21434, and audit methodologies including ISO/PAS 5112:2022.
He/She has good knowledge of Functional Safety Engineering (ISO 26262) and of Company Product Development and Change Management processes.
Key Responsibilities
-
Draft and maintain Cybersecurity Governance Processes and Procedures together with cross-departmental stakeholders.
-
Ensure coherence between Cybersecurity Governance Processes, Company Cybersecurity Policies, and technical Cybersecurity procedures, all belonging to the CSMS framework.
-
Ensure awareness of cybersecurity processes and requirements through trainings to relevant Company functions and departments.
-
Manage compliance audits for R155 certification of the CSMS.
-
Collect periodic KPIs to monitor cybersecurity performance and CSMS effectiveness across Company products.
-
Address cybersecurity issues and risk treatment decisions for Company products, including coordination of escalation /Steering Committees involving relevant functions (e.G. Quality, Homologation) and management of risk acceptance / reduction decision when required, across the entire lifecycle (development, production, post-production).
-
Manage cross-functional teams in case of cybersecurity incidents or major cybersecurity events.
-
Cooperate with other Company functions (e.G. Purchasing, Legal) involved in supply chain cybersecurity risk management to ensure appropriate mitigation strategies are defined and implemented.
-
Ensure Lessons Learned from cybersecurity incidents, assessments, and audits are used to continuously improve the CSMS.
-
Cooperate with owners of the Quality Management System and toolchain to ensure proper integration of cybersecurity processes into QMS and Company systems/tools.
-
Monitor the application and the effectiveness of cybersecurity processes along the entire lifecycle (development, production and post-production) through dedicated audits.