MTS- Information Security & Business Continuity Manager

Job title: Information Security & Business Continuity Manager
Location: Milan, Italy (on-site or hybrid)
Entity: MTS SpA
Contract type: Permanent

Introduction
Join our MTS IT Governance team as Information Security and Business Continuity Manager. In this pivotal role, you will lead the definition, implementation and continuous improvement of our security and business continuity practices, in line with the Euronext Security Programme and the Euronext Business Continuity Management Programme. Reporting directly to the Head of MTS IT Governance, you will work closely with colleagues across the organisation to safeguard the confidentiality, integrity and availability of our systems and data. This is a unique opportunity to shape the security and resilience posture of a mission-critical technology environment within the Euronext Group and to foster a culture of compliance, preparedness and continuous improvement.

You will primarily be responsible for:

Information security

• Supporting the MTS CTO, the Head of MTS IT Governance and the Business CISO in implementing the Euronext Security Programme, including designing, maintaining and overseeing required processes and controls
• Ensuring all security activities comply with the applicable governance framework, including ISO 27001 and NIST
• Maintaining and updating Information Security Management System (ISMS) documentation
• Overseeing the Information Security Risk Management Framework, ensuring alignment with the enterprise risk management framework
• Promoting information security education, training and awareness across the organisation
• Reviewing and assessing information from security event monitoring and ensuring appropriate follow-up actions
• Overseeing vulnerability management activities and ensuring timely remediation
• Supporting compliance with Italian cyber resilience and cybersecurity regulations, aligning practices with national legal and supervisory requirements

Business continuity

• Supporting the MTS CTO in implementing the Euronext Business Continuity Management Programme, including designing, maintaining and overseeing required processes and controls
• Acting as Business Continuity Coordinator, ensuring activities comply with ISO 22301 and Bank of Italy guidelines
• Representing MTS within the Bank of Italy’s business continuity unit (CODISE), ensuring alignment with national supervisory expectations
• Maintaining and updating Business Continuity Management System (BCMS) documentation
• Organising, coordinating and reporting on periodic business continuity tests and exercises

IT risk management

• Managing periodic risk reviews, reporting activities and coordination with the Euronext Risk function
• Supporting risk management activities, including maintaining and improving the MTS risk registers
• Maintaining Key Risk Indicators (KRIs) and assessing information security controls
• Coordinating the implementation of mitigating actions
• Ensuring information risks are properly identified, assessed, monitored and managed

Your profile

• Excellent communication skills and ability to collaborate across teams and geographies
• Fluent in English and Italian, both written and spoken
• Strong ability to work independently and manage multiple priorities
• Composure and sound judgement under pressure, with the capacity to act decisively in high-stress or crisis situations
• Solid experience with risk management frameworks and deep understanding of information security and cyber best practices, ideally within financial services
• Familiarity with key controls, metrics and processes for managing information security risks
• Good understanding of governance, risk and compliance (GRC) principles, especially in business continuity and operational resilience
• Experience with leading security technologies and solutions is an advantage
• Previous experience in IT audit is considered a plus

Working with us means
You will join a dynamic and international environment where collaboration, accountability and continuous improvement are central to our operations. You will have the opportunity to strengthen the security and resilience of a leading electronic trading platform and play a key role in enhancing MTS’s operational excellence and long-term sustainability within the Euronext Group.

Apply by submitting a CV in English.

About MTS SpA
MTS SpA is part of the Euronext Group, the leading European capital market, covering the entire capital markets value chain, from listing, trading, clearing, settlement and custody, to solutions for issuers and investors. We operate seven national stock exchanges, handling 25% of European lit equity trading. Our products include equities, FX, ETFs, bonds, derivatives, commodities and indices. Euronext also provides clearing and settlement services through Euronext Clearing and our network of Euronext Securities CSDs. In addition, Euronext runs MTS, one of Europe’s leading electronic fixed income trading markets, and Nord Pool, the European power market. The company has a diverse domestic and international client base.

We are proud to be an equal opportunity employer. We do not discriminate against individuals on the basis of race, gender, age, citizenship, religion, sexual orientation, gender identity or expression, disability, or any other legally protected factor. We value the unique talents of all our people, who come from diverse backgrounds with different personal experiences and points of view and we are committed to providing an environment of mutual respect.

We are proud to be an equal opportunity employer. We do not discriminate against individuals on the basis of race, gender, age, citizenship, religion, sexual orientation, gender identity or expression, disability, or any other legally protected factor. We value the unique talents of all our people, who come from diverse backgrounds with different personal experiences and points of view and we are committed to providing an environment of mutual respect.

Additional Information

This job description is only describing the main activities within a certain role and is not exhaustive. It does not prevent to add more tasks, projects.