Group IT Security Analyst

The Sofidel Group Sofidel, headquartered in Porcari (Lucca), is a global leader in tissue paper production. With a presence in 12 European countries and 11 U.S. states, we employ over 9,000 people dedicated to innovation, sustainability, and inclusivity. Our products, including toilet paper, paper towels, and napkins, are available in more than 50 countries. We proudly own well-known brands such as Regina, Nicky, Sopalin, Le Trèfle, Hakle, Softis, Nalys, Cosynel, and KittenSoft, while also producing for private-label retailers. With the Papernet brand, we also cater to the "Away-from-Home" sector, ensuring quality solutions for businesses and public spaces. Wherever you are, Sofidel is there, bringing comfort, quality, and sustainability to everyday life!

To implement technologies, processes, IT/OT security System and preventive and control measures in order to safeguard Group systems, data and infrastructure and to prevent, detect and manage cyber threats.

• Drafts the Group IT/OT system security policies;
• Executes the Risk assessment of IT/OT tools and process and drafts the IT/OT risk management plan;
• Monitors the technologies, techniques and activities aimed at ensuring the protection of IT/OT systems in terms of data confidentiality, integrity and availability;
• Updates the ISO 27001 System and drafts the related procedures;
• Arranges training sections for the drafted procedures;
• Cures the IT/OT security of networks and systems by identifying issues and troubleshooting
• Cure the awareness of the Security Culture in the Group;
• Supports the implementation of systems to prevent data loss and theft
• Analyses cyber security events and their correlation
• Acts in compliance with Data Protection in line with current legislation and corporate policies

• Bachelor's and/or Master's degree in Informatics, Computer Science, Information Security, or related fields
• Good knowledge of the English language (written and spoken)
• Experience (including brief but relevant) in cyber threats, attack techniques, and vulnerabilities
• Security monitoring, assessment, or protection tools knowledge is considered an advantage
• Strong organizational and analytical skills
• Ability to work independently and as part of a team
• Attention to detail and strong problem-solving skills
• Ability to communicate technical security topics to non-technical stakeholders

It's great if you also have

• Relevant security certifications (e.g. CompTIA Security+, ISO/IEC 27001 Foundation, CEH)
• Experience in supporting security audits or compliance activities
• Experience in incident handling or SOC activities

• A full-time employment
• The chance to work in an international Group and a concrete opportunity for professional growth
• A dynamic environment based on teamwork
• Sofidel Language Learning Programme through innovative digital platform for you and one additional user, such as family member or friend.