Cyber Security Governance Specialist
Prima
Are you looking for a new challenge?
Fancy helping us shape the future of motor insurance? Prima could be the place for you. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain. To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team . The Engineering Department is the beating heart of Prima. You’ll be joining over 350 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance. Excited to make an impact? Here are the details What You’ll Do- Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
- Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
- Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
- Participate in third-partyand resilience assessments, as well as security assessments of emerging technologies, including Artificial Intelligence (AI) solutions
- Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
- 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, preferably in regulated and technology-driven environments.
- Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
- Familiarity with Artificial Intelligence (AI) technologies and their associated governance, risk, compliance, and security considerations, including the assessment and oversight of AI-enabled systems
- Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
- Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
- Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
- Exposure to Business Continuity Management and recovery planning
- Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA);
Offerta di lavoro pubblicata 2 mesi fa
Ricerche correlate