DevSecOps

• Design, harden, and manage the lifecycle of corporate base images (VMs, containers, serverless) to ensure security, standardization, and absence of known vulnerabilities
• Conduct continuous identification, analysis, prioritization, and remediation tracking of security vulnerabilities across infrastructure, applications, and third-party components
• Design and implement security-compliant architectures for cloud environments (AWS, Azure, GCP), integrating security controls into CI/CD pipelines and infrastructure-as-code practices
• Define and oversee the end-to-end architecture for compliance-driven patching processes, including component inventory, patch lifecycle management, automated deployment workflows, and audit readiness
• Develop and maintain scalable, automated processes for vulnerability detection, patch compliance, and configuration hardening across hybrid and cloud environments
• Lead security projects by applying structured project management approaches, managing timelines, stakeholders, risks, and deliverables
• Collaborate closely with DevOps, Cloud Engineering, and IT Operations teams to embed security into development and operational workflows (DevSecOps)
• Deliver clear security metrics, risk dashboards, and compliance reports for technical and executive stakeholders

• Experience in information security, with a focus on cloud security, vulnerability management, and compliance
• Experience with vulnerability and patch management tools (Qualys, Tenable, Snyk, WSUS, Intune, Ansible, or similar)
• Experience with cloud platforms (AWS or Azure)
• Experience with containerization (Docker, Kubernetes) and secure image pipelines
• Knowledge of security compliance frameworks and their practical implementation
• Experience in architecting and governing patching strategies for OS, middleware, and third-party components at scale
• Fluent English and Italian
• Strong communication and collaboration skills

Project management skills or certification (e.g., PMP, PRINCE2, Agile)

• An international community bringing together 110+ different nationalities
• An environment where trust has a central place: 70% of our key leaders started their careers at the first level of responsibilities
• A robust training system with our internal Academy and 250+ available modules
• A vibrant workplace that frequently gathers for internal events (afterworks, team buildings, etc.)
• Opportunity to turn ideas into action and make a tangible impact through ESG commitments and the WeCare Together program