Barilla G.& R. Fratelli is looking for a Cybersecurity International Manager, within the Group Digital & Business Technology. The position will report to the Cybersecurity Senior Manager and it will be based in our Headquarters in Parma.
The Cybersecurity International Manager will be responsible to coordinate, give the guidelines and control that cybersecurity processes are worldwide properly managed at each local level through the action of the cybersecurity Regional collaborators. He/she will guarantee the overall coherence with the cybersecurity evolution defined at global level, in accordance with Corporate policies/guidelines and leveraging the common baseline of procedures and tools. He/She will oversee the Security-by-design approach of the new locally-implemented projects and the effectiveness of the local incident response activities. The role shall be played with trusted relationships and tight collaboration with the other IT units, both in Headquarters and in Regions.
- Officialize cybersecurity policies and procedures to be applied at local level, in compliance with Corporate policies and industry standards (e.g. ISO/IEC 27001, ISA/IEC 62443).
- Define reference practices and architectures for local cybersecurity and their roadmap for continuous improvement, with a risk-oriented attitude
- Promote and coordinate initiatives for cybersecurity awareness in each Region, in partnership with local IT for execution.
- Perform regular assessments of local cybersecurity posture, engaging and coordinating with local IT colleagues, and lead the evaluation/prioritization of findings.
- Interact with Internal Audit in auditing activities related to information security in Regions/countries.
- Prioritize, plan and monitor local remediation to be performed by local IT, taking part to the definition of technical requirements and specifications.
- Promote a “security by design” approach in all IT projects, as well as external vendors and partners of Barilla, and all cyber requirements and preliminary checks are performed by project managers and/or local IT.
- Plan the extension/adoption of basic detection/protection solutions by local IT: log management (SIEM), intrusion prevention, endpoint protection, central system patching, …
- In cooperation with local IT, design local cyber incident response plans harmonized with global incident response.
- In case of cyber incident involving a local subsidiary, coordinate response activities between central cybersecurity and local IT, and supervise tasks performed by local IT (or partners) in remediation and recovery.
- Be an internal reference point to local IT colleagues for cybersecurity matters, by increasing technological know-how, standards and methodologies.
- Manage a dynamic and diverse team, with international presence, around cybersecurity governance, duties and operations, including external partners.
- An overall professional experience of 7+ years in companies with high level of complexity. Experience in the following areas is preferred: cybersecurity, IT compliance and risk management.
- Master Degree in Information Technology, ICT Engineering, Information Security, Security Governance.
- Good technical and managerial background in the following areas, and related technological solutions: IT Asset Management, Identity & Access Management, Network Security, Endpoint Protection, Security Operations, Secure Software Development Lifecycle, Data Protection, Infrastructure/Application Change Management, Incident Management, Physical & Environmental Security, IT Security Governance.
- Knowledge of risk management methodologies. Knowledge of the most prominent cross-national regulatory frameworks in cybersecurity (e.g. NIS Directive) and privacy (e.g. GDPR) is a plus.
- Proven track in managing complex IT projects in an international context.
- Strategic orientation to problem solving and results.
- Ability to manage cross-functional working teams.
- Ability to communicate effectively with all levels of his/her counterparts in a large organization and build strong partnerships through daily interactions and a dynamic leadership style.
- Natural attitude to confidentiality.
- Type of contract: Permanent local contract
- Starting date: September 2021
- Location: Parma
- Smartworking according to company policies