Cybersecurity Governance Intern

Job Description:

Join Saipem and engineer a sustainable future.
We are a global leader in engineering and construction for the energy and infrastructure sectors, delivering complex onshore and offshore projects worldwide. Driven by technological innovation as "One Company", our 30,000 people from over 130 nationalities in more than 50 countries work every day to enable the energy transition toward Net Zero. At Saipem, we embrace diversity as a driver of innovation and inclusion, while prioritizing people's safety and environmental sustainability, even in the most challenging conditions.
Purpose of the position: As Cybersecurity Governance Intern Specialist you will be part of the Cybersecurity Governance (CYGO) team and will primarily focus on cybersecurity activities related to third parties and suppliers.
You will support and supervise the Third-Party Risk Management (TPRM) process, ensuring its effectiveness, consistency, and alignment with the related requirements, while contributing to contractual, audit, reporting, and awareness activities related to cybersecurity.
How can you support us?
* Supervising and supporting the Third-Party Risk Management (TPRM) process, ensuring that both the process and the supporting tools operate effectively and efficiently.
* Monitoring the outcomes of third-party cybersecurity risk assessments and ensuring the timely execution and tracking of required follow-up.
* Supporting supplier audit activities, including preparation, execution support, evidence review, and follow-up actions.
* Providing support during the review and evaluation of Data Processing Agreements (DPA), as well as General Terms and Conditions (GTC) and Special Terms and Conditions (STC) during supplier negotiation phases, from a cybersecurity perspective.
* Supporting cybersecurity awareness initiatives, including:
* Identifying relevant cybersecurity topics for the monthly internal newsletter (Cyber Wave) and contributing to the drafting of related articles.
* Defining scenarios for periodic phishing simulation campaigns and monitoring and analysing campaign results.
What are we looking for?
Education: Master's Degree/bachelor's degree in management /computer engineering / Technical Diploma o similar fields, whit master's or specialization in cyber security.
Background: University projects or internships in the ⁠cybersecurity sector are preferred
Languages:
* Italian: native or at least C1 proficiency
* English: at least B2 level (written and spoken).
Technical Skills:
* Ability to analyse documentation and contractual clauses with attention to detail.
* Capability to prepare clear and structured reports and presentations.
* Interest in and basic understanding of cybersecurity governance and risk management is considered a plus.
* Familiarity with Procurement and Vendor Management processes is considered a preferred qualification.
* Previous knowledge or certifications in cybersecurity standards (e.g. ISO/IEC 27001) are welcome but not required.
What else should you know? This internship does not require frequent travelling and will be mainly based in the Milan office, with possible smart working options according to company policies.
What we can offer to you:
* six months extracurricular Internship
* Gross monthly allowance of participation: not less than EUR 650
* Corporate Benefits: We offer a comprehensive benefits package, including company gym and company canteen
* Hybrid working model: Smart Working options and flexible hours to help you achieve a better work-life balance.
* Location: Milano (Santa Giulia)
Regulatory Compliance
The decision is made in compliance with:
* the principle of equal pay for the same work or work of equal value;
* the pay transparency requirements set out in EU Directive 2023/970 and the relevant national implementing legislation.
Additional Information
We support your development! Do you feel you might not fit this role perfectly? If you think you can contribute to our business development in the future, don't hesitate to apply anyway through our spontaneous application form!

PRIVACY POLICY
All interested candidates (L. 903/03) are invited to consult the privacy policy (art 13, 14, D.Lgs 196/03 and art 13 GDPR 679/16)