JOB NUMBER: JB03980
VACANCY NUMBER: ADV04759
ORGANIZATION: MSC Crociere S.P.A.
BUSINESS AREA: Office
LINE MANAGER: Cyber Security GRC Team Leader
MSC Cruises, the 3rd largest cruise operator globally, is seeking a highly skilled and experienced Cyber Security Governance, Risk & Compliance Specialist to join our dynamic and international team in Naples. The Cyber Security GRC Specialist at MSC Cruises ensures operational efficiency and compliance. Responsibilities include implementing the GRC framework, focusing on IAM, data protection, and privacy solutions. The role involves safeguarding sensitive information, managing access controls, and ensuring adherence to privacy standards and regulations. Join us in fortifying our organization's cyber security posture.
•Support the development and maintenance of Cyber Security policies and standards to align with business goals and regulatory requirements.
•Identify and prioritize cybersecurity risks, collaborating with various departments to ensure comprehensive risk coverage, by implementing risk mitigation measures and controls, monitoring their effectiveness, and adapting strategies as needed.
•Configure and maintain users identity lifecycle processes, including user provisioning and access reviews.
•Collaborate with cross-functional teams to ensure consistent application of identity and access management controls (RBAC, ABAC, PAM).
•Support data protection strategies to ensure confidentiality and integrity of sensitive information.
•Collaborate with the Data Protection Officer (DPO) and Legal teams to review contracts by developing and enforcing policies aligned with data protection laws.
•Support Cyber Security audits to identify and remediate potential cyber and data security risks.
•Ensure adherence to cyber security laws, regulations, and industry standards (e.g. ISO 27001, NIST, PCI DSS).
•Support cybersecurity awareness programs to educate employees about security best practices and threats.
•English and Italian as primary languages, Chinese as an asset.
•Degree in Cybersecurity, Information Technology, or related field (Master's preferred).
•Relevant industry certifications such as ISO27001, CIPT, CAMS, CIAM, CIGE, CIMP, CIPA, CIST, CRFS, CISSP, CISM, CISA, CRISC or equivalent will be an advantage.
•Proven experience (3+ years) in Cyber Security GRC, IAM, Data protection, Privacy roles.
•Strong understanding of cybersecurity frameworks, standards, and best practices.
•Ability to collaborate effectively with cross-functional teams and stakeholders.
Right to work in Italy.
In the course of our recruitment and selection process, we may make your Personal Information available to third parties such as recruitment agency, intermediaries and other business partners.