Cybersecurity Engineer

Purpose and Activities

The person we are looking for will be able to apply their skills and develop their interest in defining security requirements for innovative areas. They will work in a highly specialized team and actively participate in the evolution of security controls by defining requirements and objectives and verifying their correct adoption. The work performed will be valuable both for the Parent Company and for the various companies of the Intesa Sanpaolo Group, with the opportunity to interact with different professional profiles and international corporate cultures.

The resource will support the team in defining security requirements and objectives to be considered when introducing or evolving cybersecurity technological components including, by way of example:

• Identity and Access Management tools and technologies (knowledge of SAML, OAuth, Single Sign On and MultiFactor Authentication modes)

• Tools and technologies to protect endpoints (e.g., EDR platforms, Antimalware, Application Control, Data Loss Prevention)

• Tools and technologies for application protection (e.g., AntiDDoS platforms, Web Application Firewall, API Security/Protection)

• Network Security and network Monitoring tools (e.g., IDS/IPS, Network Detection & Response, BAS)

• Cloud security solutions (e.g., CNAPP, CSPM, CWP, CASB, SSPM platforms)

• Solutions for the management of secrets and encryption keys (e.g., HSM, Secret Management, CA)

Required Experience

At least 3-5 years of experience in cybersecurity within an enterprise context.

Required Qualifications, Skills and Competences

The person we are seeking:

• Knows the relevant frameworks (e.g., NIST Cybersecurity, ISO 27001, ISO 22301...) and regulations (e.g., law on the national cybersecurity perimeter, Circular 285, NIS Directive, PSD2...) on Cybersecurity and Business Continuity, with experience implementing them

• Has a good knowledge of major security technology vendors

• Has excellent knowledge in at least one of the following security areas: Identity & Access Management, Network Security, Cloud Security, Endpoint Security, API Security, Secret and Key Management

• Has participated in at least one complex IT project for the development of cybersecurity and/or business continuity solutions (preferably in Finance), on-premise and/or cloud-based and/or hybrid and/or integration projects of market products (system integration) in complex contexts

• Has excellent knowledge of the English language

• Has excellent knowledge and command of the Office suite (Word, PowerPoint and Excel)

• Preferably holds active security certifications such as CISSP, CCSP, CISA, CISM, GSEC, SANS GIAC, ISSAP, etc.

Who we are

We are a leader in Italy and one of the main banking groups in Europe. Join us and be part of our success story! With over 20 million clients in Italy and abroad, we are a true engine of sustainable growth with a strong commitment to the environment and a tangible impact on society.

People are at the center; we take care of them and are committed to creating an inclusive culture within the Group where everyone feels involved and valued.

Join our international organization. The future is not waited for, it is chosen!

We guarantee an inclusive and equal opportunities environment. We will consider all candidates regardless of race, religion, sexual orientation, gender identity, marital status, age, disability or any other protected category in accordance with relevant Italian legislation.

For the evaluation of applications, data will be used by Intesa Sanpaolo S.p.A. as Data Controller. Please review the dedicated Privacy Notice provided in the posting.