Zambon is a multinational pharmaceutical and chemical company that focuses on innovation and development with the aim to improve the quality of people’s health and patients’ lives. Based on a valuable heritage but strongly focused on the future, its Vision is “Innovating cure and care to make patients’ lives better”. Zambon operates in the pharmaceutical and chemical business and is present in 20 countries with subsidiaries in three different Continents – Europe, America, and Asia – and over 2900 employees, with manufacturing units in Italy, Switzerland, France, China, and Brazil. Zambon products are commercialized in 84 countries. The company is working on the treatment of specialties and rare diseases, such as Parkinson’s disease and Cystic Fibrosis, and is well-established in 3 therapeutic areas: respiratory, pain, and women’s care.

The Role:

Zambon SpA is looking for a "Cyber Security Senior Specialist" who, according to the Corporate standard, is responsible to support the execution of the Cyber Security Strategy.

Main Responsibilities of the role:

The Cyber Security Senior Specialist is responsible for:

• Project management for the selected Cyber Security Projects.
• Incident investigation: investigate alerts raised by Company’s SOC/other sources to evaluate potential threats against the Company’s assets.
• Incidents Escalation: escalate security incidents to internal stakeholders.
• Incident Reporting: write up security incident reports detailing the attack, its characteristics, and possible remediation activities.
• Periodic review of Incidents: routinely review security incidents for adherence to the established procedures and guidelines.
• Identify opportunities for Information Security Incident process improvement.
• Maintain up-to-date trouble ticketing systems with regard to the assigned activities/incidents.
• Collaborate with internal structures during recurring activities and/or during the management of a cyber-incident.
• Propose, plan, and oversee actions for the prevention or mitigation of non-compliances and vulnerabilities.
• Supervise and coordinate the operation of assigned security services.
• Collect, analyze, and present agreed indicators for monitoring security risks (KRIs), performance, and quality (KPIs) of security processes and systems.
• Collaborate in the definition and implementation of training & awareness plans.
• Help in developing and implementing the Security by Default strategy.
• Identify, assess, and manage risks associated with systems and applications in relation to the data processed.

What we are looking for:

• Bachelor’s degree in Information Security, Information Technology, Computer Science, Engineering, or similar is strongly desired.
• At least 3-5 years of experience in Information Security.
• Expertise in one or more of the following areas of cyber security: Cyber Incident Response, Vulnerability Management, Advanced Threat Protection, Identity and Access Management, Incident Response, Security & Compliance.
• Excellent knowledge of written and spoken English.
• Analytical, problem solving and team working skills.
• Accuracy and organizational skills complete the profile. Excellent interpersonal skills and proactivity cannot be lacking.
• Project Management Skills are mandatory.

Place of Work: Bresso (MI)