Mission

Ensure the protection, integrity and compliance of the company’s IT systems and information assets by implementing corporate security standards, managing local risk and compliance requirements, and leading security governance and incident response processes.

Role Description

The IT Security Compliance Manager is responsible for overseeing local IT security governance and ensuring alignment with corporate security standards and regulatory requirements. Acting as the main point of contact for IT risk and compliance matters, the role coordinates with Corporate IT, Legal, and Business stakeholders to assess risks, implement controls, manage incidents, and ensure ongoing compliance with applicable laws and internal policies.

The position will have a direct hierarchical reporting line to Security Risk Compliance Country Manager.

The position is based in Milan.

Responsibilities

- Act as the primary liaison with Corporate Global IT Risk Compliance (GIRCO), ensuring alignment with global IT security standards and providing local feedback.
- Conduct local IT risk assessments in coordination with business stakeholders and define mitigation plans.
- Adapt and implement corporate IT security standards (deriving from SOX controls) and define local technical and organizational security measures.
- Ensure compliance with applicable local regulations (e.g., data protection and privacy laws) in collaboration with the Legal department.
- Monitor, review, and evaluate IT security procedures and controls; report compliance status and identify areas of improvement.
- Define and follow up on action plans to strengthen IT security controls and reduce risk exposure.
- Oversee security incident monitoring and act as first-level responder, coordinating escalation and resolution with Corporate IT.
- Lead IT security awareness and training initiatives across the organization.
- Support and advise local IT and business teams on security and compliance matters.
- Ensure IT projects and technical solutions comply with security standards, audit requirements, and architectural guidelines.
- Manage external vendors and ensure adherence to contractual KPIs and SLAs related to security and compliance.
- Oversee internal and external audit activities on IT processes

Work Experience

- Minimum 5–7 years of experience in IT Security, IT Risk, or Compliance roles.
- Extensive knowledge of information security principles, cybersecurity frameworks (e.g., NIST, ISO 27001), and risk management practices.
- Working knowledge of security auditing, vulnerability assessments, and risk mitigation.
- Experience with main security technologies such as firewalls, intrusion detection systems, SIEMs, encryption protocols, cloud security principles (mainly MS Azure).
- Solid knowledge of data privacy regulations (GDPR) and compliance requirements.
- Strong plus:
  - Experience with security standards PCI-DSS
  - Relevant certifications CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or similar
  - Understanding of artificial intelligence and machine learning applications in security.

Soft Skills

- Strong leadership and communication skills
- Ability to influence stakeholders at different organizational levels.
- Strong analytical skills and ability to manage stakeholders across different functions

Education

- Degree in Information Technology, Computer Science, Cybersecurity or a related field.
- Strong knowledge of IT security frameworks and risk management methodologies.
- Good understanding of data protection and privacy regulations (e.g., GDPR and other applicable local laws).

Travel availability: Low

Language Requirement: English: Advanced

This announcement has been published by The Adecco Group, via Tolmezzo 15, 20132 Milan, Italy –

Posting date: