Intesa Sanpaolo
IT Security Risk Manager
Remote

Activities:

  • Contribute to developing and maintaining the framework and methodologies for ICT and Security risk management and control
  • Manage the identification and assessment of ICT and Security risks, actively participating in the execution of Risk Control Self Assessment processes and scenario analysis, and in the design and execution of second-level control campaigns
  • Collaborate in the development and maintenance of the Risk Appetite Framework for ICT and Security risks, helping define indicators, thresholds, triggers and escalation mechanisms
  • Analyze the main critical issues related to ICT and Security risks by supervising the definition of appropriate strategies for managing identified risks and monitoring the progress of mitigation actions
  • Participate in defining, drafting and monitoring synthetic metrics for the Group’s ICT and Security risk profile
  • Collaborate in the evaluation and drafting of internal regulatory documents
  • Develop and maintain a structured internal and external reporting system, including regulatory reporting, in relation to ICT & Security risk exposure

Experience Required:

  • 3+ years of experience in Cybersecurity or Risk projects

Required Qualifications, Skills and Competencies:

  • Degree in a scientific or quantitative economics field
  • Master’s in Cybersecurity and/or Risk Management
  • Good command of written and spoken English
  • ERM Risk Management skills related to frameworks, best practices and standards (ISACA CRISC, ISO 31000, COSO ERM, NIST RMF/CSF, ISO 27005), risk register, qualitative and quantitative risk assessment methodologies, risk appetite framework management (thresholds, governance, escalation, alignment with strategy)
  • Technical skills in Cybersecurity & ICT including knowledge of ICT technologies, threat landscape, infrastructure security, cloud, IAM, SIEM/EDR, DLP
  • Quantitative modeling skills (quant) including statistics, probability assessment, risk models (Expected Loss, Monte Carlo), data analytics
  • Technical development skills in process automation, data analysis, risk modeling, data integration, scripting for ETL and dashboarding (Power BI/Tableau/Looker)
  • Knowledge of Risk Management regulations (e.g. DORA, NIS2, GDPR, GAR2, Basel III/IV, ICAAP/ILAAP), including interpretation, impact assessment and process implementation
  • Skills in defining indicators (KRI/KCI/KPI), thresholds and triggers for risk monitoring and reporting
  • Skills in drafting management, executive, C-level and Board reporting (dashboards, heatmaps, trends, mitigation plans, budget requests)
  • Technical skills in risk and control assessment (COSO, COBIT, ISO 27001, audit readiness, policies and standards)
  • Process and business understanding (mapping core processes and translating ICT and Security risk impact into business context)
  • Data governance skills (metrics definition, data quality, ownership, dashboarding)
  • Good knowledge of Office365 tools

Additional Qualifications:

  • Ethical Hacking skills
  • Preferred certifications: ISACA CRISC, ISACA CISM, ISACA CDPSE, OSCP, OSWE, eCPPT(x), eWPT(x), ISACA CISA, ISO 27001, ISO 22301
  • Project & Program Management knowledge (risk treatment programs, mitigation prioritization, change management)

About Us:
We are the leader in Italy and one of the main banking groups in Europe. Join us and be part of our success story! With over 20 million customers in Italy and abroad, we are an engine of sustainable growth with a strong commitment to the environment and a tangible impact on society.

People are at the center; we take care of them by fostering an inclusive culture where everyone feels valued.

Join our international reality. The future is not awaited, it is chosen!

#sharingfuture

We guarantee an inclusive and equal opportunity environment. We consider all candidates regardless of race, religion, sexual orientation, gender identity, marital status, age, disability or any other protected category (Legislative Decrees 198/2006, 215/03, 216/03).

For application evaluation, data will be used by Intesa Sanpaolo S.p.A. as Data Controller. Please see the dedicated Privacy Notice.

Source: 4dayweek.io
