1. Home
  2. IT development
  3. Site Information Security Officer

Offers “STMicroelectronics”

Expires soon
STMicroelectronics

Site Information Security Officer

  • Internship
  • Catania (Catania)
  • IT development
Apply Now

Job description



General information

Reference

2020-5619  

Job level

40 - Experienced

Position description

Posting title

Site Information Security Officer

Regular/Temporary

Regular

Job description

The purpose of the job is to ensure that the ST information security framework is deployed at the site, with the objectives that information security risks are known and managed appropriately.

The risks considered are those affecting the Confidentiality, Integrity and Availability of Company data hosted on computer systems (servers, PCs, mobiles, IT applications, SaaS…) and the cyber-attacks against industrial devices used for Company business.

Main activities:

Infosec assurance at the site

Perform regular reviews to detect gaps at the site vs. InfoSec framework
Build and maintain the site InfoSec risks log, taking inputs from audits, site InfoSec reviews, requests from departments at the site, requests from Central InfoSec, site InfoSec survey, incident or anomalies
Run the site InfoSec survey organized by Central InfoSec, ensuring complete, accurate and timely response

 
InfoSec governance and support at the site

Regularly report the InfoSec posture of the site to site management
Support all functions at the site in implementing the InfoSec framework
Be the primary interface for the site with Central InfoSec, including for site-based InfoSec audits (certification, customer, internal) and actions triggered by Central InfoSec

InfoSec technical reference at the site

Ensure that the technical architecture at the site is maintained, especially for the cyber security zones
Participate to relevant IT CAB(s) at the site and help building work orders for the SOC

Site services and local solutions

Ensure security in local IT solutions / industrial solutions, site services (such as physical security, facilities and canteen systems), labs and warehouses
Ensure that site services follow the security procedures (security in contracts, connection to ST network, security for cloud services…)
Provide the required infosec support to achieve the above objectives

Security awareness

Promote InfoSec awareness campaigns and materials within the site, leveraging upon the initiatives at company level from Central InfoSec
Pro-actively propose initiatives to raise InfoSec awareness and, after agreement with Central InfoSec, deploy them within the site
Promote within the site the need to report InfoSec incident or anomaly using the right reporting channel
Use all opportunities to raise InfoSec awareness through the communication channels available at the site

Security incident management

Report InfoSec incidents and anomalies to Central InfoSec
Provide timely answers to CSIRT queries and help resolving cases

Infosec day to day operations

Support the preparation of security exception requests
Review requests at the site that require site InfoSec officer approval

Profile

This position is for a cyber-security professional with 5-10 years of experience covering several domains of information security.

Ability to cover the entire scope of information security
Expertise in several domains of cyber security (such as network, system, application, incident management, awareness, vulnerability management, audit and risk assessment…)
Experience in delivering security training and briefing sessions with management
Ability to interact with people at all levels of the organization
Excellent facilitation, communication and influence skills
Ability to treat several topics in parallel, to "clarify the unknown", to translate technical aspects into risks and to communicate on those risks
Ability to consider short-term as well as longer term actions and to anticipate.
Trustworthy and Rigorous.
High level of autonomy and pro-activity
 - Bachelor in information security or equivalent

- Security certification is a plus (CISSP)

- Language spoken at the site is a must, English at minimum B2 (CEFR scale)

- Experience working in an international environment is a plus

 This position may require occasional travels in ST worldwide

 The Employment search is addressed to candidates of both genders, under Law 10.04.1991 n. 125, as amended by Legislative Decree n. 198/2006 which guarantees gender equality at work

Position localisation

Job location

Europe, Italy, Catania

Candidate criteria

Education level required

5 - Master degree

Experience level required

6-10 years

Languages

·  Italian (4- Mother tongue)
·  English (3- Advanced)

Requester

Desired start date

01/09/2020

Make every future a success.
  • Job directory
  • Business directory
    •