Loro Piana LVMH
Cyber Security Defense Expert
About the position
General Qualifications:
Bachelor's/Master's degree in Computer Science or Engineering.
Fluent in English/Italian (both spoken and written).
At least 4/5 years of experience with information security.
Preferred experience in retail – luxury or in any industry where intellectual property protection is relevant.
Security Certifications are a plus (e.g. CompTIA Security+, GIAC GISF, ISO 27001, etc.).
Ability to constructively and proactively interact with other structures, suppliers and stakeholders, respecting needs of each role.
Flexibility, autonomy, speed; highly assertive candidate, with strong goal orientation.
Problem solving and strategic vision.
Cybersecurity Solutions:
At least 4/5 years of proven experience as a cyber defense systems administrator, with hands-on experience in at least four of the following tools: EDR, AV, SIEM, Antispam, Devices Control, ISPM, CSLP, DSPM, DLP, WAF/Bot Manager.
Knowledge of communication networks, architectures, infrastructures, and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, Proxy, NAC, etc.).
Detection and Response (SOC/CERT):
Proven experience as Incident Handler, encompassing response to issues and alerts, investigation, and remediation (directly or follow-up action).
Experience in cyber incident detection leveraging cyber platforms.
Understanding of Cyber Threat Intelligence, including monitoring threats, 3rd party and potential leaks, domain registrations, and fraudulent websites.
Familiarity with Threat Hunting methodologies to proactively search for undetected threats and monitor suspicious scenarios triggered by detection rules.
Ability to manage crises according to incident response plans.
Vulnerability Management:
Good knowledge of the end-to-end Vulnerability Management process and related industry standards, such as CVE, CPE, CVSS.
Good knowledge of the application development life cycle and secure development methodologies.
Operational Compliance:
Good knowledge of SIEM tools or PowerBI for collecting compliance status and creating operational dashboards enabling continuous monitoring of compliance (security product coverage, log collection, issue handling, etc.) and ensuring adherence to best practices.
Offensive Audit:
Plan and execute offensive security activities, including penetration testing, red teaming exercises, and bug bounties, to identify and exploit vulnerabilities proactively.
Conduct configuration audits to ensure system robustness against malicious actors.