Cyber Security Governance Specialist

Are you looking for a new challenge?

Fancy helping us shape the future of motor insurance?

Prima could be the place for you. 

Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain.

To help fuel that growth, we need a Cyber Security Governance Specialist to join our Security Team. 

The Engineering Department is the beating heart of Prima. You’ll be joining over 350 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.

Excited to make an impact? Here are the details

• Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
• Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
• Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
• Participate in third-partyand resilience assessments, as well as security assessments of emerging technologies, including Artificial Intelligence (AI) solutions
• Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics

• 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, preferably in regulated and technology-driven environments.
• Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
• Familiarity with Artificial Intelligence (AI) technologies and their associated governance, risk, compliance, and security considerations, including the assessment and oversight of AI-enabled systems
• Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
• Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams

• Certifications such as CISSP, CISM, CRISC, ISO/IEC-27001 Lead Implementer/Lead Auditor, ISO 22301
• Exposure to Business Continuity Management and recovery planning
• Experience supporting regulatory compliance for new digital operational resilience standards (e.g., DORA);

Why you’ll love it here

🤸 Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both.

❗ This is a full remote position and we're considering candidates located in Italy, Spain or UK.

🏁 Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you.

🌈 Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support.

Think you’re a match? Apply now.

At Prima, we celebrate uniqueness. If you don’t meet every requirement but are passionate about this role, we still want to hear from you. Innovation thrives on diverse perspectives.

Prima is proud to be an equal opportunity employer. Need accommodations during the process? Email us at accessible.recruiting@prima.it. Let’s build the future of insurance, together.