You will support De’Longhi Group in the definition and update of the Compliance & Information Cyber Security vision and strategic direction for the organization. You will join the Legal & Corporate Affairs Department, directly reporting to the Group General Counsel, who is responsible for the organization-wide security and governance, risk, awareness, and compliance with industry standards and regulatory requirements.

Main Responsibilities

Manage and proactively monitor the internal compliance program to ensure the Group conducts its business in full compliance with applicable laws and regulations as well as accepted business practices and internal policies by leading the associated risk assessment/mapping and monitoring activities in line with local legislation.

Implement and manage Italian compliance activities under Legislative Decree 231/2001, with particular reference to monitoring and enforcing the Organization, Management and Control Model.

Support the activities of the Organismo di Vigilanza (Supervisory Body under Legislative Decree 231/2001), including preparing periodic meetings, documentation, and serving as its focal point.

Manage the Privacy Compliance system, provide guidance regarding data privacy and related matters, and manage the relationship with the DPO (Data Protection Officer).

Provide legal advice to the Group Department to ensure privacy by design at all levels.

Advise and monitor the performance of DPIAs, assisting the Group business functions with carrying out DPIAs.

Stay updated on regulatory developments within and outside the Group, as well as evolving best practices in compliance control.

Develop, update, implement, and enforce information security governance including policies, baselines, and procedures.

Identify and recommend appropriate security controls according to internal standards and industry best practices, ensuring their effective operation.

Conduct risk analyses and develop corrective actions and remediation plans for identified issues, risks, or vulnerabilities.

Support incident management and escalation processes related to information & cyber security.

Assist in cyber security innovation initiatives.

Develop and deliver training on compliance topics, policies, procedures, and cyber security awareness to promote best practices and awareness of risks.

Job Profile

Qualifications

Bachelor’s degree.

At least 10 years of experience in a multinational, publicly traded company with a strong understanding of compliance issues and a compliance-oriented culture.

Expert knowledge of data security and protection rules, principles, procedures, methodologies, and privacy programs, especially GDPR.

Expert knowledge of international standards and best practices in Information & Cyber Security Governance, with experience in implementing security practices and solutions.

Skills

Strong experience with risk management methodologies and procedures.

Ability to handle sensitive and confidential matters professionally and discreetly.

Excellent collaboration skills to work effectively with diverse stakeholders.

Fluent in English.

High commitment, reliability, and a proactive approach.

Benefits

Hybrid work model.

Flexible working hours and one day off per month.

Company restaurant.

Technical and soft skills training.