The role is part of the Cyber Security function, the candidate will be responsible for supporting the area in the adoption, management and evolution of corporate solutions in the Cyber Risk management topics and will collaborate with the corporate structures to conduct risk assessment and directing risk monitoring plans and related remediation.
Main responsibilities:
- Implement a risk-based approach to prioritize development of secure patterns for high-risk assets or activities
- Update Sky risk management process in accordance with best practices, regulations and Sky Policy
- Cooperation with the group structures for cyber risk management activities
- Use of the corporate cyber risk management platform to manage the cyber risk register
- Continuously update the risk management process in accordance with best practices and with company Policy
- Management of Exceptions process to policies, standards and guidelines
- Monitoring and reviewing security controls to identify their operational effectiveness
- Facilitate audits and remediations of any findings noted in cyber security department
- Support on cyber security compliance on GDPR, NIS2 and PCI/DSS
- Cyber risk posture reporting to SKY management and Committee
- Development of visual dashboards that board directors can use to monitor risk
- Control of the effectiveness of the metrics adopted
Requirements:
- Proved experience in similar roles, gained in consulting companies and / or large companies in the ICT sector in relation to cyber risk management projects
- Master degree in Computer Science or Telecommunication Engineering
- Knowledge of the landscape of norms and standards in the privacy / information security field (HIPAA, NY DFS, GDPR, CCPA, ISO / IEC 27000, NIST, PCI DSS, etc.)
- Knowledge of the main Risk Management / Control Frameworks (COSO, COBIT, ISO, ITIL, NIST, FAIR, etc.)
- Able to articulate cyber risk management concepts to a wide range of recipients
- Excellent knowledge of cyber risk management tools and experience in using some of them.
- Excellent understanding of ICT services and architectures
- The achievement of CISSP, CISA, CISM, SANS GIAC certifications will be considered a preferential title.
- Languages: Italian, English
Soft skills:
- Excellent verbal and written communication skills
- Ability to constructively and proactively interact with all the stakeholders, respecting the work needs and the role of each.
- Flexibility, autonomy, speed; proactive and highly assertive candidate, with a strong goal orientation.
Top Skills
What We Do
Sky is one of Europe’s leading media and entertainment companies and is part of Comcast Corporation, a global media and technology company that connects people to moments and experiences that matter. At Sky, we Believe in Better. It’s in our DNA.
We’re famous for innovation. We offer the world’s smartest TV, Sky Glass; our plug and play streaming puck, Sky Stream; the best aggregation platform, Sky Q; and streaming services NOW and WOW. We provide connectivity you can count on in mobile, fast, secure, reliable residential and business broadband, as well as smart home protection through Sky Protect.
We’re Europe’s premium content producer. We create award-winning original content, produce the biggest live sporting events, and we provide free access to news and the arts.
We believe that we can have a positive impact on society, by supporting and creating tens of thousands of jobs, addressing digital inequality, being a diverse and inclusive employer, and becoming net zero carbon by 2030.
