Group IT Security Analyst

The Sofidel Group  

The Sofidel Group is one of the leading manufacturers of paper for hygienic and domestic use worldwide. Established in 1966, the Group has subsidiaries in 12 countries – Italy, Spain, the UK, France, Belgium, Germany, Sweden, Poland, Hungary, Greece, Romania and the USA – with more than 6,000 employees, net sales of 2,173 million Euros (2020) and a production capacity of over one million tonnes per year (1,428,000 tonnes in 2020). “Regina”, its most well-known brand, is present on almost all the reference markets. Other brands include: Softis, Le Trèfle, Sopalin, Thirst Pockets, KittenSoft, Nalys, Cosynel, Lycke, Nicky, Papernet. A member of the UN Global Compact and the international WWF Climate Savers programme, the Sofidel Group considers sustainability a strategic factor with regards to growth and is committed to reducing its impact on natural capital and maximising social benefits, setting as objective the creation of shared added value for all stakeholders. Sofidel’s greenhouse gas (GHG) emissions reduction targets to 2030 have been approved by the Science Based Targets initiative (SBTi) as consistent with reductions required to keep warming to well-below 2°C, in line with the goals of the Paris Agreement.


To implement technologies, processes, IT/OT security System and preventive and control measures in order to safeguard Group systems, data and infrastructure and to prevent, detect and manage cyber threats.


  • Drafts the Group IT/OT system security policies; 
  • Executes the Risk assessment of IT/OT tools and process and drafts the IT/OT risk management plan; 
  • Monitors the technologies, techniques and activities aimed at ensuring the protection of IT/OT systems in terms of data confidentiality, integrity and availability; 
  • Updates the ISO 27001 System and drafts the related procedures;
  • Arranges training sections for the drafted procedures; 
  • Cures the IT/OT security of networks and systems by identifying issues and troubleshooting 
  • Cure the awareness of the Security Culture in the Group;
  • Supports the implementation of systems to prevent data loss and theft
  • Analyses cyber security events and their correlation 
  • Acts in compliance with Data Protection in line with current legislation and corporate policies
  • Promotes a safety-bound corporate culture
  • Applies the Corporate Principles and Values 



  • Bachelor's and/or Master's degree in Informatics
  • Good knowledge of English language
  • Preferable experience, even if only brief, in conducting IT security risk analysis and treatment
  • Preferable experience, even brief, in IT security processes and in drafting of IT security policies
  • Knowledge of cyber threats and attacks
  • Organisational and analytical skills
  • Adaptability, flexibility and team working