Cybersecurity Governance & Compliance Consultant

posted 25th June 2018
  • Italy
  • Competitive
  • Milan
  • Permanent


  • Based on experience
  • Competitive
  • Innovative projects, modern environment, annual bonus, laptop, smartphone and many more!


We are looking for Consultants/Senior Consultants (1-6 years of experience) who would like to join our Cybersecurity Governance, Risk and Compliance Team!


Our Cybersecurity Governance, Risk and Compliance Team provides advisory and consulting support to help our clients address the challenge of managing cybersecurity and data protection risks in a way that is in line with the customer's business strategy.

The Data Protection and Cyber Risk consultants are active in various areas such as:

Data Protection Governance & Assessments: maturity assessments, compliance (ISO27K, PCI, regulatory compliance (GDPR etc.)), data protection risk management, “Data Protection Impact Assessments”, process descriptions & documentation (tooling, templates, training, …), transformation roadmaps.

Piloting & Project Management

Organizational & Security Measures identification and implementation

Privacy and Security by design: deploying processes and tools to help detect and prevent privacy and security breaches and help ensure compliance, system architecture improvement recommendations

Legal & Procurement back-office: set up security & data protection policies, Review & recommendations on contract clauses (purchasing & sales), DPO position (either as interim team member, or by helping to shape the function), Assisting clients in privacy and security related incident response activities.


Required Skills:


Degree-level education (preferably in computer science or engineering)

1-6 years of experience in Cybersecurity and Data Protection consulting activities (Security Assessment, Risk Management, ISMS, security policy drafting, business continuity, etc.)

Good English (>=B2)

Deep knowledge of information security and IT governance best practices and standards (e.g. ISO27001, Cobit, Cybersecurity Framework)

Knowledge of data protection requirements (e.g. Data Protection Authority local laws, GDPR)

Experience in security assessment is a plus

Deep knowledge of Information Security Management System frameworks

Significant experience in providing expert technical advice, guidance and support on privacy and data protection with an in-depth knowledge of GDPR

Privacy-related certifications such as CIPP/E, CIPP/IT or equivalent, or information security certifications such as ISO27001, CISM, CISSP, CISA, CRISC or equivalent, are an asset

Ability to communicate effectively about these topics with different stakeholders (e.g. business, legal, IT, security…)

Excellent ability to build relationships with clients

Eager learner and receptive to new ideas, technologies, software

Assertive and proactive approach to the delivery/implementation of projects

Ability to work in a team

Job reference: JD_cygo
