Cyber Security Governance Specialist

Prima

Location:
Italy, Milan

Contract Type:
Not provided

Salary:
Not provided

Job Description:

Are you looking for a new challenge? Fancy helping us shape the future of motor insurance? Prima could be the place for you. Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain. To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team. The Engineering Department is the beating heart of Prima. You’ll be joining over 300 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.

Job Responsibility:

  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics

Requirements:

  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams

Nice to have:

  • Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
  • Exposure to Business Continuity Management and recovery planning
  • Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA)

What we offer:

  • Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both
  • Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you
  • Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support

Additional Information:

Job Posted:
January 25, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Cyber Security Governance Specialist

Information Assurance Specialist

The Information Assurance/Security Engineer will provide security engineering an...
Location:
United States, Bethesda
Salary:
Not provided
AnaVation
Expiration Date:
Until further notice
Requirements:
  • Active TS/SCI Clearance with CI Polygraph
  • Bachelor’s degree in Network Engineering, Computer Science or related technical field plus 5-7 years of Cyber Security/Operations support
  • DoD 8140 IAT Level II Certification (CCNA-Security, CySA+, CND, Security+)
  • Documenting network schemas and cyber operation tool solutions
  • Knowledgeable regarding compliance with: ICD 503, FISMA, OMB, NIST, and DoD (8150.01 March 12, 2014) [Risk Management Framework and Cyber Network Defense…], and other mandated security regulations and standards
  • Knowledge and experience with managing and monitoring compliance with Privileged User Access (PUA), Data Transfer Access (DTA), and Removable Media Custodian (RMC) privileges, forms, and signatures
  • Support to vulnerability management, patching, information assurance and/or ATO process for Classified DoD or IC environments
  • Demonstrated documentation writing for security plans, tests, and reports
  • Must demonstrate strong teamwork, communication (both verbal and written), and presentation skills
  • Must demonstrate strong initiative to accept new technical challenges in complex security engineering assignments
Job Responsibility:
  • Provide security engineering and information assurance support to the Government’s Assessment and Authorization (A&A) process to maintain Authority to Operate (ATO) and Authority to Connect (ATC) for mission applications and services
  • Designs, develops, monitors and documents security controls, security testing, security reporting, and plan of actions and milestones (POA&Ms) throughout systems and application lifecycles in support of mission systems
  • Provides security engineering design inputs, security design reviews, and security best practices as part of technical and change requests
  • Configures and validates secure systems, physical controls, and tests security products and systems to detect security weaknesses
  • Maintains XACTA security records for supported systems
What we offer:
  • Generous cost sharing for medical insurance for the employee and dependents
  • 100% company paid dental insurance for employees and dependents
  • 100% company paid long-term and short term disability insurance
  • 100% company paid vision insurance for employees and dependents
  • 401k plan with generous match and 100% immediate vesting
  • Competitive Pay
  • Generous paid leave and holiday package
  • Tuition and training reimbursement
  • Life and AD&D Insurance
  • Fulltime

Senior Information Technology Specialist

Barbaricum is currently seeking a proficient Senior Information Technology Speci...
Location:
United States, Fort Belvoir
Salary:
Not provided
Barbaricum
Expiration Date:
Until further notice
Requirements:
  • Active DoD Secret Clearance
  • Bachelor’s degree and 10 years of relevant experience
Job Responsibility:
  • Support the resolution of IT and system problems, to recommend solutions to higher level IT specialists and management, and to meet assignments as estimated and scheduled
  • Provides technical advice to IT and other professionals and the client
  • Support backup and disaster recovery, cyber security, monitoring, auditing, and compliance, troubleshooting and resolving end user support issues, and delivery of technology solutions
  • Provide verification of operational status of government computer systems and related third party interfaces and comply with Federal regulations, policies, codes, and security and safety standards
  • Experience supporting and managing cloud instances by utilizing elastic cloud computing for resourcing needs

Supplier Governance Manager

The role reports into the Senior Manager of Governance and Reporting in our Pers...
Location:
Australia, Sydney
Salary:
Not provided
Allianz
Expiration Date:
Until further notice
Requirements:
  • Demonstrated experience in supplier / vendor management, procurement, or contract administration
  • Strong understanding of governance, risk, and compliance ideally within the financial services industry
  • Excellent verbal and written communication skills
  • Demonstrated understanding of cyber security standards, IT systems, and risk management practices
  • Experience working across Enterprise Risk, Operational Risk, Governance, Legal, Compliance, or Regulatory Assurance
  • High attention to detail with focus on compliance and regulatory requirements
  • Strong analytical and problem-solving skills
  • Experience in managing and fostering strong relationships with internal teams and supplier partners
  • Ability to plan and prioritise effectively, organise tasks and manage competing resources and demands
  • Tertiary qualifications in a relevant discipline
Job Responsibility:
  • Oversee the onboarding, renewal, and governance of supplier contracts
  • Ensure compliance with procurement, cyber security, IT, as well as risk and regulatory standards
  • Work closely with internal teams to manage supplier supervision and monitoring programs
  • Assess suppliers required to be onboarded
  • Provide oversight over end-to-end supplier onboarding, contract renewals and variations, document execution, supplier governance, and offboarding
  • Oversee negotiations with suppliers
  • Work closely with the Cyber Governance team
  • Maintain accurate records of supplier agreements, risk assessments, compliance documentation, and supervision and monitoring routines
  • Facilitate supervision and monitoring routines
  • Assist with analysing the effectiveness of supplier partnerships
What we offer:
  • Inclusive Culture
  • Flexible Work-Life Balance
  • Career Development
  • Financial and Well-being Perks
  • Fulltime

TPRM Specialist

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location:
Netherlands, Amsterdam
Salary:
Not provided
Levy Professionals
Expiration Date:
Until further notice
Requirements:
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility:
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur

Cyber Security Governance & Assurance Specialist - ESN

The Emergency Services Network (ESN) is a major strategic priority for BT and ou...
Location:
United Kingdom, London; Birmingham; Bristol; Manchester
Salary:
Not provided
Plusnet
Expiration Date:
Until further notice
Requirements:
  • Internal & Statutory Security Audit
  • Stakeholder Management
  • Security Assurance
  • Policy Design
  • Security assurance experience, including carrying out assurance activities and writing reports and recommendations
  • Experience with ISO 27001 controls and audit
  • Experience of administering security processes
  • Strong stakeholder management skills at a senior level
  • Excellent communication and presentation skills, including experience presenting security guidelines and processes to colleagues and senior audiences, are essential
  • You will be required to undergo National Security Vetting to SC or NPPV level.
Job Responsibility:
  • Contributing to the ESN Security Management Plan, ISMS and Security Processes - ensuring effective management of security within the Programme and that Contract obligations are met
  • Identifying security threats to ESN and ensuring the adequacy of processes and controls in place to mitigate them
  • Work with other Security professionals and other teams to meet ESN security objectives
  • Engage with Customer security teams, providing assurance that Security requirements are met and identifying opportunities for improvement
  • Identify and understand all elements of contractual security obligations for the ESN Contract
  • Deliver and verify the implementation of end-to-end security services as defined within the specified ESN contracts
  • Deliver and implement ISO27001 compliant security strategies, policies, procedures, processes, threat identification & responses that provide wrap-around security services and solutions for the ESN service
  • Deliver the required Security accreditation for the ESN contract
  • Manage operational risks related to people, information, assets, revenues and reputation and ensure compliance with relevant security requirements, typically: the HMG Security Policy Framework, Contractual Obligations, company security and business continuity policies
  • Monitor and manage third party supplier compliance to the flow-down of contractual obligations from BT
What we offer:
  • 10% on target annual bonus
  • BT Pension scheme, minimum 5% employee contribution, BT contribution 10%
  • X4 Salary Life Assurance
  • Huge range of flexible benefits including Cycle to Work, Healthcare, Season Ticket Loan, Electric Vehicle Salary Sacrifice
  • 25 days annual leave (not including bank holidays), increasing with service
  • From January 2025, equal family leave: receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up
  • Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more
  • 24/7 private virtual GP appointments for UK colleagues
  • 2 weeks paid carer’s leave
  • World-class training and development opportunities
  • Fulltime

Cyber Security Specialist

Currently for our Client from banking industry we are looking for a Cyber Securi...
Location:
Poland, Gdynia
Salary:
Not provided
Astek
Expiration Date:
Until further notice
Requirements:
  • Previous experience in a similar position
  • Strong understanding of security domains, especially security findings assessment and remediation areas, supported by at least 2 years of experience
  • Governance knowledge, proven by experience in at least one of the security findings fields: Workstation vulnerabilities, Server vulnerabilities, Baseline deviations, Container vulnerabilities, Static Application Security Testing (SAST), External Attack Surface Management (EASM) findings, Threat Modelling findings, API-related findings
  • Advanced trouble-shooting and conceptual skills with the ability to come up with solutions to uncommon problems related to remediation actions
  • Good understanding of risk based approach and risk management
  • Experience in cross-organizational collaboration/negotiation
  • Prepare and deliver presentations to stakeholders, clearly communicating remediation progress, risks, and strategic recommendations
  • Fluent English
Job Responsibility:
  • Identifying remediation gaps and driving towards their resolution
  • Advising stakeholders on the available solutions and actions that must be undertaken
  • Analyzing scanning results to define concrete steps directed at de-risking the bank
  • Collaborating with remediation accountable and responsible stakeholders
  • Ensuring security findings are understood and remediation pace is adequate
  • Maintain a proactive approach to governance and demonstrate autonomy in task execution
What we offer:
  • Long-term collaboration
  • Technical training, certifications, and skills development
  • Competence Center mentoring – being a member of the Competence Center community from day one is an opportunity to develop your skills, participate in various conferences, and share knowledge and experience with people who face the same challenges every day
  • Clear career path
  • Employee benefits package (Multisport, private healthcare, life insurance, subsidized city card)
  • Friendly working atmosphere, team-building events, and team-building meetings

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location:
Spain, Madrid
Salary:
Not provided
Prima
Expiration Date:
Until further notice
Requirements:
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility:
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer:
  • Work from home, the office or a mix of both
  • Work from anywhere for up to 30 days a year
  • Access to learning resources, mentorship and a growth plan tailored to you
  • Private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime

IT Security Specialist

We are looking for a skilled IT Security Specialist to join our team on a long-t...
Location:
United States, Cincinnati
Salary:
Not provided
Robert Half
Expiration Date:
Until further notice
Requirements:
  • Proven expertise in Information Security and Risk Management
  • Solid understanding of financial applications and their security needs
  • Experience with cloud security architecture, including PaaS and SaaS
  • Knowledge of data privacy regulations and practices
  • Proficiency in database security and safeguarding sensitive information
  • Familiarity with cyber governance frameworks and strategies
  • Strong ability to conduct security assessments and mitigate vulnerabilities
  • Up-to-date knowledge of cybersecurity trends and tools
Job Responsibility:
  • Deliver specialized support in Information Security and Risk Management to Finance and Technology Services teams
  • Ensure adherence to internal controls, security protocols, and regulatory standards in all initiatives
  • Collaborate on cloud security architecture projects, including PaaS and SaaS implementations
  • Safeguard financial applications by implementing advanced security measures
  • Develop and maintain cyber governance strategies to manage risks effectively
  • Monitor and address database security concerns to protect sensitive information
  • Implement data privacy protocols to ensure compliance with legal and corporate requirements
  • Conduct regular security assessments to identify potential vulnerabilities
  • Provide guidance on securing computer files and systems against unauthorized access
  • Stay updated on the latest cybersecurity trends and technologies to enhance organizational defenses
What we offer:
  • Medical, vision, dental, and life and disability insurance
  • Eligible to enroll in our company 401(k) plan