Advise ICT Management on Compliance issues and activities
Participate in planning and execution of all ICT compliance activities for related organizations under Service Agreements with Eni US Operating, Co., Inc.
Coordinate, refine and manage the annual ICT SOX Reporting Process
Responsible for the monitoring of stated GCC controls, methods, and practices with the ICT Function.
Support SOX and Finance management in SOX related regulatory examinations for Corporate ICT SOX Reporting
Focal Point for internal and external Audit and Compliance associates, including ongoing monitoring of open issues and action plans and corresponding metrics
Conduct ICT process documentation annual reviews and Process owner approval; maintain process documentation for compliance reporting
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline with 5+ years of experience preferred. In lieu of a bachelor’s degree, candidates with 10+ years of experience will also be considered.
5+ years’ experience in IT Compliance, Cyber Security, and IT Governance.
Related information security, technical, and/or project certification preferred, but not required (e.g., CISSP, CISA, CIA, or other professional designation)
Strong knowledge and understanding of information security practices and policies, including Information security frameworks, standards, and best practices
Solid IT SOX Compliance and Information Technology experience, with IT Governance experience
Expertise with at least two of the following regulations/frameworks: SOC 2, NIST CSF, ISO 27001 and/or GDPR
Ability to think and act both strategically and tactically
Broad knowledge of the ICT function and how ICT enables the business through effective ICT governance
Knowledge of ICT Process best practices, policies, and procedures
Applicable communication skills and ability to handle multiple tasks
Experience writing, reviewing, and implementing IT policies and procedures
Experience auditing IT operational controls or process improvements
Ability to communicate with all levels within the organization
Strong interpersonal and communication skills to interact effectively with ICT team, process owners, management, and external & internal auditors
Coordinate with ICT team members and management to facilitate testing of GCC and CELC controls
Identify opportunities for operational and internal control process improvements. Work with process owners and management team to follow through on implementation of optimization initiatives
Work with Eni US Operating SOX group for roll-up of ICT reporting
Work with Eni S.p.A. Internal Control group for ICT compliance reporting
Work with Eni S.p.A. CYSE group on Cybersecurity standards, education and awareness, strategy and framework development, data classification, risk management, cyber security governance and ICT compliance
Oversee annual penetration test and vulnerability assessment activities
Participate as a Security Advisor on various requests & initiatives, providing security guidance & direction while ensuring adherence to Eni S.p.A. security policies & standards
Create and deliver presentations to both technical and non-technical audiences on Cybersecurity topics
Perform annual policy/procedure reviews for ICT compliance
Ensure adherence to Eni S.p.A. ICT regulations as stated by Internal Control
Perform bi-annual GCC control reviews and submit updates to Corporate
Participate in ICT Governance updates and strategy
Coordinate internal and external ICT audit engagements for Eni US Operating Co. Inc., and all related organizations under Service Agreement with Eni US Operating Co. Inc.
Perform ICT Risk Analysis activities
Perform other duties as required
Health, Safety & Environmental Risk Category: Low
Also, the ICT Manager is giving consideration to candidates who possess the following skill sets:
Critical Thinking: Ability to think and act both strategically and tactically.
Strong verbal and written communication skills and the ability to prioritize and handle multiple tasks.
Confidence to work independently.
While the selected resource will be required to be in the office for the first week or two for training, the selected candidate will have the ability to work a hybrid schedule from the office 3 days a week and from home 2 days a week.
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Infrastructure, Life Sciences, Mining, Automotive and Chemicals sectors worldwide. With more than 100 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.