Cybersecurity GRC Consultant

RINA is currently recruiting for a Cybersecurity GRC Consultant to join its office in GENOA, ROME OR MILAN within the Cyber Security and Management Consulting Division.

RINA is currently recruiting for a Cyber Security GRC consultant to join our Cyber Team in GENOA, ROME or MILAN.

The persons will be in charge of:

• Carry out technical activities such as:
• Identify security risks within organizations and complex systems/architectures.
• Design security measures and provide recommendations or suggestions to improve security postures.
• Verify compliance with laws, regulations, and standards pertaining to security and cybersecurity.
• Provide support to Customers in cybersecurity related activities.
• Draft technical/procedural documents related to:
• IT Security Governance, Risk and Compliance aspects (wrt ISO/IEC 27001:2022, NIS/NIS2 directives, PSNC, etc.)
• INFOSEC aspects (wrt National Scheme for IT products security evaluation, Common Criteria/ISO 15408, ENISA EUCC)
• Cybersecurity in Industrial Automation Control Systems (wrt IEC 62443 requirements families for risk assessment, systems and components)
• Marine cybersecurity requirements from International Association of Classification Societies (wrt IACS Unified Requirements, IMO circulars, Flag Administrations requests, etc.)
• Maintain and update the RINA cybersecurity guidelines and assessment methodologies.
• Support the business development from a technical point of view, drafting technical offers and detailing services (for senior personnel).

#LI-MM2

Bachelor’s Degree in Engineering General

Requirements:

• Knowledge of laws, regulations, international standards and best practices (e.g., ISO/IEC 27001 and 27000 family, NIST Cybersecurity Framework and National Framework for Cyber Security and Data Protection, NIS/NIS2 Directives, ISA/IEC 62443, Common Criteria/ISO 15408, ISO 21434, etc.).
• Engineering academic background.
• Strong problem-solving ability.
• Excellent verbal and written communication skills - Italian and English as a minimum.
• Flexibility and ability to multi-task in a fast-paced atmosphere.
• Availability to travel within the country and abroad.

Desired Requirements:

• Experience with a wide range of computer systems and security tools.
• Security Certifications: e.g., ISO/IEC 27001 Qualified Lead Auditor, GIAC/GICSP or ISA/IEC 62443 related certifications, CEH, OSCP, ISACA CISM/CISA/CRISC, ISC2 CISSP.
• Adequate knowledge of programming languages (Java, C/C++/C#, VB.Net, Python), their interfaces with principal DBMS, and their development environments.
• Adequate knowledge of networking (in terms of segmentation, used protocols, security, etc.). Past experiences in network administration/configuration will be appreciated.

• ADDRESS THE WAY - Have a big picture of different situations and reinterpret it in a perspective way
• BUILD NETWORK - Forge trust relationships, across departments, and outside the organization
• CLIENT INTIMACY - Embrace internal and external client needs, expectations, and requirements to ensure maximum satisfaction
• EARN TRUST - Take everyone's opinion into account and remain open to diversity
• MAKE EFFECTIVE DECISIONS - Structure activities according to priorities, actions, resources and constraints
• MANAGE EMOTIONS - Recognise one's and other's emotions and express and regulate one's reactions
• PIONEER CHANGE - Actively embrace change and benefit from the new circumstances
• PROMOTE SUSTAINABLE DEVELOPMENT - Promote commitment by keeping promises as a Role Model
• THINK FORWARD - Capitalise on experiences and translate them into action plans for the future

With over 5,600 employees and 200 offices in 70 countries worldwide, RINA provides certification, marine classification, product testing, site supervision, vendor inspection, training, and engineering consultancy services across various sectors. Our business model covers the full project development process, from concept to completion, ensuring technical, environmental, safety, and sometimes economic and financial sustainability.

At RINA, we strive to create a work environment where every individual is valued and encouraged to develop new ideas. We are committed to equal employment opportunities and to maintaining a workplace free from discrimination or harassment of any kind. We comply with Italian Law n. 68/99.