Cybersecurity Operations Specialist

NHOA Corporate

  • Milano
  • 35.000-45.000 € all'anno
  • Tempo indeterminato
  • Full time
  • 8 giorni fa
NHOA S.A. (formerly Electro Power Systems - Engie EPS), global player in energy storage and e-mobility, active in the construction of the largest fast and ultra-fast charging infrastructure in Southern Europe, develops technologies enabling the transition towards clean energy and sustainable mobility, shaping the future of a next generation living in harmony with our planet. It operates through its three Global Business Lines: NHOA Energy, Free2move eSolutions and Atlante.Born in 2005 as a technological spin-off of the Politecnico di Torino and Milano, NHOA leverages its best-in-class technology and engineering edge, developed in over 15 years of R&D, paired with strategic partnerships and global procurement, to deliver the most competitive tailor-made turn-key solutions that allow the integration of renewable sources with all forms of energy storage, from batteries to hydrogen and even electric vehicles.NHOA, with offices in France, the United States and Australia, maintains entirely in Italy research, development and production of its technologies.We are looking for a Cybersecurity Operations Specialist to join our cybersecurity team and contribute to the protection of our global IT environment.In this role, you will be responsible for implementing and managing security controls, monitoring cyber threats, and coordinating incident response activities. You will play a key role in safeguarding corporate systems by proactively identifying vulnerabilities, managing security tools, and supporting compliance with security standards and regulatory requirements.This position requires a hands-on cybersecurity professional who is comfortable working in a dynamic international environment, collaborating with IT teams and external partners to strengthen the company’s security posture.Key Responsibilities
  • Implement, manage and monitor cybersecurity controls in line with industry standards and regulatory requirements
  • Manage security tools and technologies, including EDR/anti-malware platforms, password managers and email filtering systems
  • Run the vulnerability management process: identify, classify and risk-score vulnerabilities (CVSS/EPSS) and track remediation activities
  • Coordinate the patch management cycle, working with ICT teams on Windows/Linux endpoint patching and network device updates
  • Coordinate external penetration testing engagements, including scope definition, review of findings and remediation follow-up
  • Manage DLP policies including classification rules, exception reviews and incident handling via Microsoft Purview
  • Detect potential data breaches and unauthorized activities, supporting breach notification processes when required
  • Handle SOC escalations, coordinating incident response activities including alert triage, evidence collection and containment
  • Support compliance with information security standards and regulatory requirements, preparing security reports and documentation
  • Maintain and enforce corporate information security policies, proposing improvements where necessary
  • Collaborate with IT and other internal teams to ensure security measures are embedded across systems and processes
  • Perform security assessments of new tools and vendors before procurement approval (data flows, access models, vendor posture and contractual requirements)
  • Monitor attack surface exposure and cloud misconfigurations, and coordinate periodic access reviews
  • Stay up to date with emerging cyber threats, trends and technologies
  • 3-6 years of experience in security operations, incident response or SOC environments
  • Bachelor’s degree or diploma in Computer Science, Information Technology or related fields
  • Hands-on experience with EDR/XDR platforms
  • Proven incident response experience, including triage, containment and post-incident activities
  • Practical experience with vulnerability management, including scanning tools, CVSS scoring and remediation tracking
  • Working knowledge of patch management processes
  • Familiarity with cybersecurity regulations and standards such as NIS2 or ISO/IEC 27001
  • Strong communication skills in Italian and English, both written and spoken
  • Ability to manage priorities and deadlines while working both independently and within a team
  • Strong attention to detail and high level of accuracy
  • Continuous learning mindset and ability to adapt to evolving cyber threats and technologies
Nice to Have
  • Experience with SIEM platforms (Google SecOps preferred)
  • Background in manufacturing, energy, or OT/SCADA environments (awareness of IEC 62443)
  • Cybersecurity certifications such as CompTIA Security+, CySA+, GCIH, SC-200, AZ-500, CEH or equivalent
  • Experience with DLP platforms (Microsoft Purview)
  • Basic scripting skills (Python, KQL, PowerShell) for automation and SIEM queries
Location: Hybrid remote and Offices Milan.What we offer-Permanent full-time contract-Competitive annual gross salary (€35,000–€45,000, depending on experience), plus welfare and benefits package-A flexible and innovative approach to remote working that adapts to your needs (see: www.familyworking.it)-Ambitious and people-centered work environment — we invest in your growth and well-being-Professional experience in an international setting, with a young and multicultural team (31+ nationalities)-Cross-functional collaboration to strengthen communication and teamwork skillsThis announcement is addressed to both sexes, in accordance with Law 903/77 and Legislative Decree 198/2006, and to people of all ages and nationalities, in accordance with Legislative Decrees 215/03 and 216/03

NHOA Corporate