Regional information security officer

DEKRA Italia Srl
Date posted:
Contract type:
Permanent contract
Posting also valid for:
Roma, Torino

An exciting opportunity has arisen in our company. This position is responsible for information security at the regional level and reports to the Chief Information Security Officer.

The Regional Information Security Officer (RISO) represents the interests of local entities in the region at the global level and ensures that the business interests of the region and its legal entities are given due consideration in decisions made globally. The RISO acts as a communication hub between the local entities in the area of regional responsibility, other regions and the global InfoSec organization.

The RISO supports the Local Information Security Officers in accomplishing their duties, both on an organizational level, with management support, and on an operational level, with information and organizing/coordinating support from the global InfoSec organization to solve local problems.

The responsibilities associated with this role are:

-Create and manage regional security strategies aligned with global InfoSec organization
-Enforce the Global Information Security policies, processes, procedures and ISMS on regional level
-Organize Information Security activities on regional level
-Ensure smooth information flow from the local entities to Global InfoSec organization and vice versa
-Support regional projects from the Information Security point of view
-Define and track the budget of information security on regional level, including the measures for risk mitigation that the region may need
-Report InfoSec KPIs/projects for the region to the global InfoSec organization
-Manage Regional Security Incidents and escalations
-Oversee information security audits on regional level, whether performed by the organization or third-party personnel
-Align awareness material with the local Information Security officer
-Support the Global Information Security Organisation within DEKRA SE to enhance the information security maturity within DEKRA SE Group

Knowledge and Hard Skills Requirements:
-Master Degree in Business Administration or Engineering
-Certification in “ISO 27001 as Lead Auditor” or Master Degree in Computer Sciences and Knowledge of primary value creation processes of the legal entity or CISM or CISSP Certified
-Information security standards such as “ISO 27001”, “NIST”, “DEKRA SE Information Security Policies, Standards, Guidelines” or similar standards used in the Country where the legal entity is located
-Applicable legal regulations concerning Information Security and/or IT Operations and/or regulations concerning encryption
-Knowledge for identification, evaluation, treatment of information security vulnerabilities, risks and threats
-Knowledge of and ability to use project management methods
-Knowledge of and ability to use presentation techniques at employee as well as General Manager level
-Fluent business English (C1)
-Availability to travel internationally

Personal and soft skills:
-Communication skills
-Problem solving / conflict management skills
-Presentation skills on Employee as well as on General Manager level
-Ability to educate a non-technical audience about various security measures
-Planning capability
-Ability to take criticism
-Teamwork and collaboration skills
-Power of endurance
-Self employment/independent working
-Self organization
-Willingness to familiarize yourself with information security topics and related technical aspects
-Accuracy in performing tasks

Salary, benefits, ICT kit:
-Salary commensurate with experience
-Ticket Restaurant
-ICT KIT: Personal Computer, Smartphone