Descrizione azienda

Fineco Bank is a leading European bank with a 20 years history and a fully digital DNA with a branchless approach since the start. Fineco is one of the banks with the widest products range available. We have developed a truly one-stop-solution which includes trading, investment and payment services. We have developed an 100% proprietary platform for trading and investment which covers all customer needs from trading listed and OTC product to investment product such as mutual funds and ETF. In addition to this we also offer banking and payment solution for domestic and international demand.


Function description

As part of Cyber Security team, we are looking for someone who will be supporting FinecoBank in all Cyber Security operations covering enterprise and cloud security across the organization, supporting all the business divisions. The role requires ability to enforce procedures and compliance across IT systems and services. Working closely with stakeholders and third parties you will ensure that the appropriate objectives and priorities are enabled and supported to protect the organization from cyber threats.

Job Overview

The primary purpose of this role is to address security aspects in the most challenging environment for a security expert: a banking institution; an evolving business scenario; high priority of the cyber risk among the top risks for the bank; peculiar cybercrime and cyber threats scenarios.

You will be part of a competitive, determined team in constant growth, aiming at ensuring the business resilience and contributing to the good reputation for the Company. You’ll have the chance to develop and hone your technical competencies and to foster your exposure and your ICT security background. This a hands-on, senior technical role.

Primary Responsibilities and Activities

  • Be a member if internal incident response team
  • Contribute to investigations into network intrusions and other cyber security breaches/attacks
  • Learn the post incidents lessons and use them to eradicate root causes and vulnerabilities and to improve the company security posture
  • Contribute to the definition and conduction of security assessment for applications, network and infrastructure, identifying apps and remediation plan in coordination with involved ICT Structures
  • Perform research and analysis of emerging and on-the-edge technologies and related cyber security threats and implications
  • Design ICT security architectural patterns and define best practices and standards for securing networks, services, assets, processes and tools
  • Manage and improve existing security solutions
  • Scout and evaluate new cyber security defensive approaches, solutions and technologies
  • Produce and consume cyber threats intelligence and contribute to cyber risk analysis and evaluation
  • Conduct or manage vulnerability assessment and penetration tests


Job Requirements Education

  • Bachelor’s degree in computer science, math, engineering or equivalent related IT experience
  • CISSP, CEH, OSCP, CCSP or other InfoSec professional certifications are a plus


  • 5+ years of cyber security experience, spent working on the field in one or more of the following: Network Security, Enterprise Systems Security, SDLC Security, Data Security, Cybersecurity and Security Operations (SOC, CERT, Cyber Threat Intelligence teams, Vulnerability Management, Penetration Testing, …), Identity and Access Management
  • 5+ years successfully managing complex security/IT solutions

Knowledge and Skills

  • Genuine passion in cyber security, proactivity and curiosity
  • Knowledge of network engineering, concepts and security
  • Knowledge of shell and scripting languages (Perl, Python, etc.)
  • Awareness of European and international legislation landscape in information security area is considered a plus
  • Strong knowledge of standards of information security management (ISO/IEC, NIST) and best practices (ENISA, OWASP, CSA, etc.)
  • Strong knowledge of the Cyber security application landscape and ability to manage and forensic tool, threats detection and mitigation, big data for security)
  • Cloud computing and relevant cloud security technologies
  • Ability to handle pressure, timely delivery and tolerance to tight schedule together with problem solving attitude
  • Teamwork attitude
  • Fluent English (written and spoken)

 Altre informazioni

Sede di lavoro: Milano (alternanza presenza in sede e smart working)

Tipo di contratto: CCNL credito, tempo indeterminato

Per inviare la candidatura si prega di visitare la seguente pagina

Visit Us