Nexi group, azienda leader italiana che offre servizi e infrastrutture per il pagamento digitale per banche, aziende, istituzioni e pubblica amministrazione, è alla ricerca di un IT Security Senior Specialist per la sede di Milano.
Job Description
Why join us in 2024?
Think of the digital tools we use daily – from virtual shopping to contactless payments. They’re shaping our future. Join us to influence the future of digital banking in an innovative environment. With our global merger, the opportunities for personal growth and collaboration are immense.
If you join us in the role of (Infrastructure Security Senior Specialist), this is what you can expect from us:
- Attractive salary and an overall competitive package
- Well-structured training for the job and constant support from your manager
- Hybrid way of working
- Flexible work hours
- Equipment needed for the role (laptop and mobile phone, including monthly mobile phone subscription)
- Private health insurance
- Healthcare cost reimbursements
- Voluntary pension fund (company-sponsored retirement plan or pension)
The selected candidate will be part of the international “Cloud & Infrastructure Security” team within Nexi Group “Security Technology Architecture and Delivery” department. The desk is responsible for the operation of security technologies, devices and architectures for both client and server environments; with also the mandate of ensuring the compliance with security standards and guidelines and the adherence of newly delivered projects and services with security specifications defined in the design phase. The person will operate in a multi country environment along aside colleagues of other security offices.
Your key responsibilities in this role will be:
- Bachelor’s degree in information security, Computer Science, or related field
- A master’s degree in information security, Computer Science or related field will be considered as an advantage.
- 4+ years of experience in Information Security field, preferably in a multinational environment
- Familiar with Windows, Unix, Linux
- Understanding of Cloud Architectures: Knowledge of various cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid)
- Familiarity with Cloud Security Best Practices: Awareness of industry best practices for securing cloud environments, including identity and access management (IAM), data encryption, network security, and configuration management
- Network Security: Knowledge of network security principles, including firewall configuration, intrusion detection/prevention systems (IDS/IPS), virtual private networks (VPNs), and secure network architecture design in cloud environments
- Exposed to Web / Mobile / Digital Application Security
- Awareness of Security Standards
- Experience of managing/leading an IT Project
- Excellent command of English language both verbal and written
- Certifications and qualifications related to the cybersecurity field are considered as a plus (eg: AZ-500 Microsoft Azure Security, AWS Certified Security, CompTIA Security+, Cisco CCNP Security, CISSP, CISM, ISO27K-LA, CEH, CCSK)
- Awareness of financial industry standards (like PCI DSS) will be considered as an advantage.
- Familiar with WAF (Web Application Firewall) application security policy lifecycle management for web application security enforcement
- Knowledge of AV (Antivirus), EDR (Endpoint Detection & Response) and Antimalware system configurations and architectures
- Knowledge of Proxy devices and URL filtering policy management
- Security Monitoring and Logging: Experience with security information and event management (SIEM) solutions, log management tools, and cloud-native monitoring services (e.g., AWS CloudWatch, Azure Monitor) for continuous monitoring and analysis of security events.
- Knowledge of email security (antispam/ant phishing) architectures, best practice and security protocols
- Knowledge of Microsoft Office 365 security framework
- Working with stakeholders, users and people from across the organization to provide a dynamic and responsive support for all IT Security matters.
- Experience in the management of network firewall compliance and configuration
management tools (e.g., Skybox, Tufin, Algosec…) - Knowledge of DLP (Data Loss Prevention) systems and policy management
- Knowledge of Network Access Control systems and policies along with Cisco ISE
and 802.1X network authentication architectures and best practices - To carry on assigned project deliverables within target dates and participate to project meeting with a high level of autonomy and demonstrating ownership and reliability.
- To participate in the solution design of architectures and services ensuring they respect security standards and guidelines.
- Actively participate in troubleshooting sessions during incidents with the objective to restore service availability and the security posture of involved components.
- Coordinate and supervise external consultants’ tasks and activities and manage relations with vendors, suppliers, and system integrators.
- Receipt and apply security remediations or security policies on managed security systems (e.g., WAF, IPS, URL Filtering, DLP…)
- Participate in security tool’s KPI extraction, monitoring, gap analysis and remediation activities in order to ensure that all clients and server environments are compliant with security configuration baselines.
What makes you the best person for this job?
As you read about the role, are you eager to learn more? If so, review the qualifications that fit you for the position. Remember, beyond your skills and experience, it’s your potential that sets you up for success in your daily tasks.
Qualifications needed to be successful in this role:
- Proficiency in both written and spoken English is a mandatory requirement for effective operation in an international environment.
- Communication skills, stakeholder management, the ability to interact with project sponsors and managers in autonomy, team working skills and a problem-solving attitude complete the profile.
- Leadership skills to articulate complex security concepts effectively to both technical and non-technical stakeholders. Ability to collaborate with cross-functional teams, including developers, system administrators, and business units, to implement security measures aligned with organizational goals.
- Good understanding of information security technology controls
- Ability to demonstrate critical thinking, providing options and recommendations relating to resolving issues, mitigating risks, and resolving escalated items.
- Strong understanding of complex internal business processes and functions
- Ability to work independently on complex goals and virtual teams
- Stay up to date with information technology trends and security standards.
- Hands on experience of working in an international and dynamic environment.
Apply now!
If this opportunity resonates with you, we’d love to hear from you! Please apply at your earliest convenience. We’ll be reviewing applications continuously and closing the position once we’ve found the right fit. We are committed to creating a diverse culture where talents from all walks of life can feel like they truly belong.
By exploring this job opening, you’re one step closer to joining us. We’re excited to learn more about you!
If you are curious about working with us, but feel this is not the right role for you at this time, please join one of our communities.
This way, we can stay in touch for future job openings.
We look forward to getting to know you!
About Us
Are you interested in joining one of Europe’s leading PayTech companies?
Do you want to be part of a diverse team, collaborating with colleagues from across Europe? If so, you’re in the right place!
About the Team
We are the result of merging Nexi, Nets, and Sia, with a presence in over 25 countries. With over 80 years of experience, we offer plenty of opportunities for personal and professional growth
Per candidarti a questa posizione visita la seguente pagina: