Information Security Officer

Intesa Sanpaolo

Intesa Sanpaolo is the largest banking group in Italy with a significant international presence. Its distinctive business model makes it a European leader in wealth management, protection and advisory and ensures its strong focus on digital. Its commitment to ESG foresees, by 2025, €115 billion of impact financing and contributions of €500 million to support people in need. Gallerie d'Italia is the exhibition venue for the bank's artistic heritage and artistic projects of recognised value. https://group.intesasanpaolo.com/en/

Registered office: Piazza San Carlo 156, 10121 Torino – Secondary office: Via Monte di Pietà 8, 20121 Milano. Tel. 011 555.1. Turin Company Register and Tax Code 00799960158 – VAT No. 10810700152. Bank Register No. 5361. Register of Insurance and Reinsurance Intermediaries, Section D, No. 000027210, registration date 01.02.2007. Intermediary subject to IVASS supervision: https://servizi.ivass.it/RuirPubblica. For submitting complaints and any dispute resolution systems: https://www.intesasanpaolo.com/it/persone-e-famiglie/reclami.html. For assistance: https://www.intesasanpaolo.com/it/common/parla-con-noi.html. Netiquette: https://www.intesasanpaolo.com/it/common/landing/anti-phishing/netiquette.html

Only considering candidates eligible to work in Dublin, IE ⚠️

Intesa Sanpaolo is the leading banking group in Italy. Serving more than 14.6 million retail customers through a network of 5360 branches, it significantly supports the development of companies and provides important support to the country's growth. The Group has a selected retail banking presence in Central and Eastern Europe, the Middle East and North Africa, with approximately 1,000 branches and 7.2 million customers in 12 countries. Intesa Sanpaolo is also present in 25 countries in support of its corporate customers’ cross-border business. It is looking for new qualified profiles who want to take on a demanding and challenging career path, with the following requirements:

Scope and Purpose

The Information Security Officer (ISO) spearheads the Information Security and Business Continuity efforts for the Bank, ensuring that local information security activities align with the Group Security Plan.

The ISO collaborates closely with Head Office to guide the planning, development, implementation, and monitoring of information security for the bank's enterprise information systems.

Additionally, the ISO is responsible for developing and implementing security training and awareness programs to educate employees about the importance of information security, as well as business requirements and solutions related to cybersecurity.

Specific Accountabilities:

  • Oversight and Reporting: Responsible for overseeing the state of information security and business continuity across the bank, providing periodic reports to the local Board of Directors and Group Head Office.
  • Business Continuity Management: Ensure the local execution of Business Continuity activities, including periodic Business Impact Analysis, BCM testing, and reporting, in alignment with the Group model.
  • Policy Development and Implementation: Develop, adopt, and periodically update local cybersecurity and business continuity policies, rules, processes, and procedures in alignment with the Head Office's regulatory framework, while also satisfying Irish regulatory requirements.
  • Third Party Security Management: Lead third-party information security management activities. This requires guiding and supporting the bank's departmental heads in the selection of third-party service providers, ensuring that these choices align with the organisation's information security standards and local regulatory requirements.
  • Incident Response: The ISO is responsible for the development, annual review and periodic update of local incident response policy, process and procedures, which must align with Head Office's group requirements and concurrently satisfy Irish regulatory requirements.
  • Information Security Training: Direct responsibility for the local Information Security Training Program, providing regular, ad hoc training and awareness for bank staff on information security best practice and raising awareness of current threats.
  • Strategic Collaboration: Work strategically with the Head Office to monitor all aspects of information security and cybersecurity, ensuring professional coordination of security projects and tasks.
  • Continuous Monitoring: Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies, and procedures.
  • Regulatory and Threat Landscape Evaluation: Identify changes in local regulations which are relevant to the bank and maintain a proactive awareness of changes in the Information Security and Cybersecurity threat landscape, while concurrently assessing new security products, attack vectors, and countermeasures.
  • Security Objectives Coordination: Work with information owners in business units to determine appropriate security objectives for resources.
  • Access Control and Compliance: Monitor the access control program, ensuring proper documentation and compliance with account management and password requirements.

Required Experience

  • Minimum 5 years’ experience of Information Security management and Business Continuity management activities.

Required Qualifications, Skills and Knowledge

  • Bachelor's degree in Computer Science, Information Technology or relevant technical field
  • Experience leading, implementing and driving a third-party security management programme
  • Experience of developing and applying a controls environment based upon the NIST Cyber Security Framework across an organisation
  • Experience in developing and delivering Information Security and Cybersecurity awareness programs
  • Experience in information security risk classification / management
  • Experience in information security incident response activities
  • Master’s degree in appropriate technical area (Information Technology / Information Security)
  • Preferably a Certified Information Security Manager (CISM)
  • Preferably experience working in a financial organisation and an understanding of financial processes.

Everyone is an asset for our Group and that person could be you! Check out our job opportunities, apply and join our team!

Intesa Sanpaolo (group.intesasanpaolo.com)

Leading Italian banking group offering extensive financial services globally.

Working Week

All our employees work a 4-day work week, 36 hrs per week at full pay.

  • Mon
  • Tue
  • Wed
  • Thu
  • Fri 🏖️

Our Vacation Policy

Our employees receive 34 vacation days annually, including public holidays, with additional leave for study and family reasons.

  • 34 days
  • 52 Fridays
  • 86 days off per year

Remote Working Policy

Our employees can work remotely for up to 120 days a year, with flexible working days.

Company Benefits

  • Health insurance
  • 401(k) company contribution
  • Transparent Salaries
  • Generous parental leave
  • Dentalcare
  • Company retreats
  • Equipment allowance
  • Life & Disability Insurance
  • Professional Development Budget
  • Yearly bonuses
  • Mental Health Support

Our Team

We're a team of 96k across 19 departments:

  • finance: 918
  • information technology: 862
  • business development: 833
  • engineering: 597
  • human resources: 413
  • sales: 271
  • marketing: 246
  • legal: 173
  • operations: 167
  • +10 more teams

Desirable Skills and Experience

  • NIST Cyber Security Framework
  • Information Security Management
  • Business Continuity Management
  • Third-party Security Management
  • Cybersecurity Awareness Programs
  • Information Security Risk Management
  • Incident Response
