CDAITO_ Information Security Assistant Manager Location: London, GB
Intesa Sanpaolo is the banking group leader in Italy, assisting more than 14.6 million retail customers through a network of 5,360 branches. The Group supports the development of companies and contributes significantly to the country's growth. It has a retail banking presence in Central and Eastern Europe, the Middle East, and North Africa, with approximately 1,000 branches and 7.2 million customers in 12 countries. Intesa Sanpaolo also operates in 25 countries to support its corporate customers' cross-border business.
Scope and Purpose The Information Security Assistant Manager operates in close cooperation with the local Information Security Officer (ISO) and Head Office teams to define objectives for Cybersecurity and Business Continuity Programs and monitor compliance with those objectives.
Specific accountabilities of the Information Security Assistant Manager in support of the local ISO include:
Support oversight of information security and cybersecurity, providing periodic reports (at least annually) to top management.
Adopt, implement, and update Cybersecurity policies, rules, processes, and procedures in line with Head Office regulatory framework.
Consider confidentiality of Nonpublic Information and integrity of Information Systems in reporting to top management.
Work strategically with Head Office to monitor all aspects of information security and cybersecurity and coordinate security projects.
Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies, and procedures.
Identify and evaluate changes in local regulations and trends in Information Security and Cybersecurity.
Ensure local execution of Business Continuity activities, including periodic Business Impact Analysis, tests, and reporting.
Work with information owners in business units to determine appropriate security objectives.
Monitor network activity for malicious activity.
Evaluate vulnerability reports, vendor hot-fixes, and patches for applicability to deployed technologies.
Monitor the process of creating, changing, or removing user access across all systems.
Monitor the access control program and ensure documentation of account creations, deletions, and permissions is maintained and approved.
Responsible for the Cybersecurity and Business Continuity Training Programs.
Required Experience • Minimum 2-3 years in the cybersecurity and business continuity management environment, preferably in a Financial Institution.
• Experience in developing Cybersecurity awareness programs.
Required Qualifications, Skills and Knowledge • Bachelor's in Computer Science, Information Technology, or related field.
• Master's degree is a plus.
• CISSP / CISM certification preferable.
• Experience in application security and vulnerability management.
• Solid background in high-level Information Security management and Business Continuity management.
• IT/Cyber Security risk management experience, including application risk classification and control assessments.
• Knowledge of financial industry products and related IT platforms is a plus.
Everyone is an asset for our Group, and that person could be you! Check out our job opportunities, apply, and join our team!
#J-18808-Ljbffr