Senior Manager - Cyber Risk, Compliance & Awareness

We are seeking a highly motivated and experienced Cyber Risk, Compliance & Awareness Senior Manager to join our growing team and actively contribute to the development of our group-wide cybersecurity strategy. In this critical role, you will be responsible for aligning our Sky Italia cybersecurity activities with those of the Sky Group, ensuring the consistency and effectiveness of our protective measures.

Key Responsibilities:

• Strategic alignment with the group:
  • Collaborate with the group's cybersecurity function to define a shared cybersecurity strategy aligned with business objectives.
  • Contribute to the development of group-wide risk & compliance framework

Risk Management:

• Implement a risk management framework aligned with Sky Group standard and approach
• To implement a risk-based approach and to maintain a risk register, tracking and prioritizing risks.
• Collaborate with business units to identify and address emerging risks.

Compliance:

• Ensure compliance with all relevant cybersecurity regulations (e.g., NIS2, GDPR, NIST Cybersecurity Framework).
• To support internal and external audits to assess compliance and identify areas for improvement.

Security Awareness & Training:

• Develop and deliver engaging cybersecurity awareness training programs for employees at all levels.
• Promote a strong security culture within the organization.
• Conduct phishing simulations and other awareness campaigns to educate employees about cyber threats.

Supplier Security:

• implement a supplier security program aligned with Sky Group to assess and manage risks associated with third parties.
• Define security requirements for suppliers and conduct risk assessments.
• Continuously monitor suppliers to ensure compliance with security requirements.

Team Leadership & Management:

• Lead and mentor a team of cybersecurity professionals.
• Foster a positive and collaborative work environment.
• To support and collaborate closely with Cyber Governance function to ensure proper spending.

Qualifications:

• 5+ years of experience in cybersecurity, with a strong understanding of industry best practices and frameworks.
• Proven experience in developing and implementing cybersecurity programs.
• Strong knowledge of relevant cybersecurity regulations and compliance standards.
• Excellent communication, presentation, and interpersonal skills.
• Strong analytical and problem-solving skills.
• Ability to work independently and as part of a team.  
• Strong leadership and mentoring skills.
• Relevant certifications (e.g., CISSP, CISM, CISA) preferred.