×
Register Here to Apply for Jobs or Post Jobs. X

Information Security - Identity Lifecycle Management

Job in 20029, Turbigo, Lombardia, Italy
Listing for: Altro
Full Time position
Listed on 2026-07-13
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 90000 EUR Yearly EUR 60000.00 90000.00 YEAR
Job Description & How to Apply Below
Location: Turbigo

Your role
You will be responsible for the management and coordination of activities within Company’s Information Security Master Plan, related to Identity Lifecycle management and SoD Project and Initiatives. As Information Security Governance specialist you will be working across multiple teams, interacting with both IT and Business stakeholders, to facilitate, coordinate, advise, monitor and enable the implementation of the Information Security policies. This role will support the execution of strategic and cross-functional initiatives across the Governance domain, with a focus on awareness, training programs, project coordination, process and procedures risk management and security compliance.

Main responsibilities

Information Security Planning – Plan and estimate budget and time schedule for activities to be included into Information Security Master Plan.

Oversight on maintenance and implementation of Information Security policies / procedures – Ensure the oversight of the implementation of the activities, identifying and reporting issues, risks and opportunities to the CISO / relevant stakeholders.

Design and deliverawareness campaigns, workshops, and training initiatives tailored to different audiences.

Support the selection and evaluation of training content and platforms, in collaboration with HR, Communication and other providers.

Contribute to the definition and review of Identity Lifecycle models and controls and Segregation of Duties (SoD) in collaboration with Business owners, IT, HR, Risk Management, Privacy and Compliance, Internal Control and Internal Audit.

Lead and coordinate the Identity Lifecycle and SoD projects for non-finance areas (i.e. SAP modules MM and SD), ensuring the extension of Identity Management governance to all business applications and data repositories.

Collaborate with HR Business Partners (HRBP), Business Process Owners (BPO), and IT to define, implement, and maintain a centralized Role-Based Access Control (RBAC) library.

Map, monitor, and evaluate application profiles (especially administrative roles) for non-finance departments, identifying anomalies and enforcing segregation of duties.

Supervise and execute risk assessments for access requests outside the standard RBAC library, defining exception workflows and compensating controls.

Validate new access or function requests against the approved role library and assess risks for exceptions or non-standard assignments.

Define and enforce control processes for access provisioning, exception handling, and periodic reviews, including onboarding, role/function changes, and offboarding.

Collaborate on the design and implementation of automated processes for onboarding, role changes, and offboarding, ensuring integration with HRIS and target systems.

Support the periodic review and maintenance of the RBAC role library, working closely with HRBP and BPOs to refine roles and ensure SoD is maintained.

Participate in incident investigations related to identity and access management, analyzing root causes and recommending improvements to lifecycle and SoD controls.

Promote awareness and training on SoD principles and identity governance among business stakeholders, HR, and IT.

Act as a governance and control point within the Identity Lifecycle Management process, ensuring that access delegation requests are appropriate, risk‑assessed, and aligned with the RBAC model and SoD process.

Contribute to the definition and review of SoD models and controls in collaboration with IT, Internal Control, HR, Risk Management and Internal Audit.

Define and maintain a comprehensive KPI framework for RBAC lifecycle governance, including the design of automated dashboards and anomaly‑detection metrics, the setup of threshold‑based alerts and escalation workflows, and the regular reporting of access‑governance performance and identified risks to the appropriate security and risk committed.

Main requirements

Bachelor’s degree in information security, Information Technology, Computer Science, Engineering, Statistical or similar

At least 2 years of experience gained in the ICT Risk Management or Security area with particular focus on the Identity…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary