Share this Job
Apply now »

Information Security and Risk Management Specialist


Bologna, IT

Crif S.p.A. is looking for an Information Security and Risk Management Specialist to join our headquarters at Bologna (BO).


The figure will report directly to the Head of Information Risk Management Department and be involved in activities related to Information Security Governance.

The new figure will be a subject-matter expert, executing in depth assessment of the IT processes and information security environments, addressing key points with pragmatic solutions supporting business areas.

IRMD specialist will support the definition and implementation of Information security processes, control environment and management system (e.g. ISO2700x certification). It will be involved in information security and risk management projects (e.g. in view of GDPR requirements and main sector regulations) providing feedback to our business owners, IT managers and IT operation teams working in true partnership with decision-makers across the business.


Job requirements and mandatory skills:

    • Master Degree in Management Engineering / Computer Information Technology / Computer Engineering;
    • 3 - 4 years experience in Information Risk Management and Information Security Governance, within a financial or technology industry
    • 3 - 4 years experience in IT risk evaluation and IT compliance, within a financial or technology industry (Financial Institutions entities, Banks)
    • Fluent knowledge of Italian and English languages is essential;
    • High level of following skills is requested: Flexibility, Problem solving, Initiative, Focus to   results, Communication both oral and written;
    • Professional Certification (e.g. LA ISO27001, COBIT, CRISK)
    • Knowledge of international standards and best practices in terms of Information Security & Governance (e.g. ISACA, COBIT, ISO27000 family, NIST Cybersecurity Framework);
    • Knowledge of data security and protection rules and principles, with particular reference to GDPR, PSD2, Bankit

Additional non-mandatory skills to be considered a plus for the position:

    • Master on Cyber Security
    • Knowledge of processes of Financial/Banks context



    • Capability of working constructively together with one or more people to complete a project or task or develop ideas or processes
    • Ability to manage and organize concurrent workloads and to plan the performance and delivery of activities in compliance with the expected deadlines, group guidelines and brand identity. Capability to organize and focus on priorities
    • Proactivity

Apply now »