cybersecurity governance intern Milano

Grafton Engineering is Gi Group's specialization dedicated to enhancing the experience, skills and potential of candidates in the fields of Design, Logistics & Supply Chain, Production & Maintenance, Quality - Safety & Environment, Process & Project Management.

Saipem is a global leader in the engineering and construction of major projects for the energy and infrastructure sectors, both offshore and onshore. Saipem is “One Company” organized into business lines - Asset Based Services, Energy Carriers, Offshore Wind, Sustainable Infrastructures.

As CYBERSECURITY GOVERNANCE SPECIALIST you will be part of the Cybersecurity Governance (CYGO) team and will primarily focus on cybersecurity activities related to third parties and suppliers.

You will support and supervise the Third-Party Risk Management (TPRM) process, ensuring its effectiveness, consistency, and alignment with the related requirements, while contributing to contractual, audit, reporting, and awareness activities related to cybersecurity.

Tasks

· Supervising and supporting the Third-Party Risk Management (TPRM) process, ensuring that both the process and the supporting tools operate effectively and efficiently.

· Monitoring the outcomes of third-party cybersecurity risk assessments and ensuring the timely execution and tracking of required follow-up.

· Supporting supplier audit activities, including preparation, execution support, evidence review, and follow-up actions.

· Providing support during the review and evaluation of Data Processing Agreements (DPA), as well as General Terms and Conditions (GTC) and Special Terms and Conditions (STC) during supplier negotiation phases, from a cybersecurity perspective.

· Supporting cybersecurity awareness initiatives, including:

- Identifying relevant cybersecurity topics for the monthly internal newsletter (Cyber Wave) and contributing to the drafting of related articles.

- Defining scenarios for periodic phishing simulation campaigns and monitoring and analysing campaign results.

Requirements

Master's Degree/bachelor’s degree in management /computer engineering / Technical Diploma o similar fields, whit master’s or specialization in cyber security.

Italian: native or at least C1 proficiency

English: at least B2 level (written and spoken).

Technical Knowledge:

Ability to analyse documentation and contractual clauses with attention to detail.

Capability to prepare clear and structured reports and presentations.

Interest in and basic understanding of cybersecurity governance and risk management is considered a plus.

Familiarity with Procurement and Vendor Management processes is considered a preferred qualification.

Previous knowledge or certifications in cybersecurity standards (e.g. ISO/IEC 27001) are welcome but not required.

Soft Skills: Ability to work in a team, excellent communication skills, proactivity, and problem-solving abilities.

LOCATION: Milano HO

Contract Type: 6 + 6 months extracurricular internship; including company canteen and company gym. Hybrid working model: Smart Working options and flexible hours to help you achieve a better work-life balance.

*Grafton Engineering è una specializzazione di Gi Group Spa autorizzata ad operare dal Ministero del Lavoro e delle Politiche Sociali (Aut. Min. 26/11/2004 PROT. 1101 - SG).

L’offerta si intende rivolta ai candidati nel rispetto del D.lgs. n. 198/2006 e ss.mm.ii. e dei Decreti Legislativi n. 215 e n. 216 del 2003 sulle parità di trattamento.

I candidati sono invitati a leggere l’informativa privacy ai sensi degli artt. 13 e 14 del Reg. EU 679/2016 al seguente indirizzo www.gigroup.it/privacy-candidati

#LI-DG1