ESSENTIAL REQUIREMENTS

• Degree in Computer Science, Information Security, or equivalent experience in Cyber/Information Security;
• At least 3 years of experience in cybersecurity, with a focus on risk management, governance, and regulatory compliance;
• Knowledge of security frameworks and regulations, including ISO 27001, NIST (800-53, CSF), GDPR, NIS2 Directive, and other relevant security standards;
• Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar) and security monitoring tools;
• Experience in cyber risk assessment methodologies (e.g., FAIR, OCTAVE, ISO 27005) and incident response (L2/L3 escalation handling);
• Proficiency in vulnerability management tools (e.g., Tenable, Qualys, Rapid7) and ability to interpret findings for risk mitigation;
• Strong understanding of security event triage, threat intelligence, and correlation rules tuning within a SIEM;
• Knowledge of endpoint security solutions (EDR, XDR), firewalls, and cloud security controls (e.g., Azure Security Center, AWS GuardDuty);
• Excellent command of written and spoken English;
• Strong communication skills, with the ability to explain security risks and mitigations to technical and non-technical stakeholders.

ADDITIONAL SKILLS

• Previous experience in research environments, SOC/CERT teams, or regulatory-driven organizations;
• Security certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor/Implementer;
• Experience in third-party risk assessment and vendor security audits, including contract review for cybersecurity requirements
• Practical experience with scripting or automation (Python, PowerShell, Bash) for security operations;

The Istituto Italiano di Tecnologia is seeking talented and driven individuals to help shape innovative data protection and cybersecurity strategies and policies. We welcome both experienced professionals in cybersecurity and motivated candidates with a solid academic background who are eager to grow and develop their skills
You will join a dynamic, multi-disciplinary team where experts from diverse fields collaborate to drive research and innovation forward.

As a Senior Cybersecurity Specialist, you will be a key figure in strengthening the security posture of our cutting-edge research activities. Your main responsibilities will include:

• Leading cyber risk assessment initiatives and ensuring compliance with international security standards (ISO 27001, NIST, GDPR, NIS Directive);
• Managing and optimizing SIEM solutions, analyzing security logs, and identifying potential threats;
• Defining and implementing cybersecurity policies, collaborating with various stakeholders to enhance security governance;
• Supporting certification and audit processes, ensuring adherence to regulatory requirements;
• Conducting vulnerability assessments and working closely with IT teams to mitigate security risks;
• Driving cybersecurity awareness and training programs to enhance security culture across the organization.