HSPI S.p.A. is a management consulting firm operating since 2003, with offices in Milan, Bologna, and Rome. We support clients through change processes driven by Information & Communication Technology and specialize in Business Consulting, IT Strategy & Governance, and Digital Innovation.
Since October 2020, we have been part of TXT Group, an international player providing expertise and professionalism to assist clients in their digital transformation journey, guiding them toward innovation.

CYBER SECURITY SENIOR CONSULTANT:

HSPI S.p.A., a leader in IT Governance services and part of the TXT Group, is seeking to expand and strengthen its team at the Cosenza office and is looking for a candidate to fill the role of Senior Cyber Security Consultant.
The Cyber Security Consultant is responsible for safeguarding the security of company systems and data, aiming to reduce exposure and risks related to cyberattacks.
The term “Cybersecurity” refers to the strategy designed to protect systems, data, networks, and programs from digital attacks.

REQUIRED TECHNICAL SKILLS:

Knowledge of the main information security frameworks (ISO 27001 / 27002, NIST Cybersecurity Framework / National Cybersecurity and Data Protection Framework, CIS-CSC/SANS 20, CCM-CSA, etc.);
Knowledge of key information security regulations (GDPR, NIS Directive, National Cybersecurity Protection perimeter, AGID minimum measures, etc.);
Familiarity with major software development methodologies and secure software development cycles (AGILE, DevOps, DevSecOps, etc.);
Knowledge of key security software and expertise in Ethical Hacking;
Ability to conduct Risk Assessments;
Proficiency in primary programming languages;
Familiarity with data mining and statistical analysis;
At least 3 years of prior experience in a similar role.
Education: Degree in Engineering, Mathematics, Technology, Computer Science, or related fields.

Support in reviewing the methods for defining requirements for software development services related to information security from a risk-based perspective;
Support in defining the control framework for identifying threats;
Support in defining and implementing the risk analysis methodology;
Support in defining security requirements for software under development;
Support in defining cost/benefit analysis processes;
Support in defining Business Continuity processes;
Involvement in IT Governance activities and monitoring of cybersecurity projects.