About us
Kering is a global, family-led luxury group, home to people whose passion and expertise nurture creative Houses across couture and ready-to-wear, leather goods, jewelry, eyewear and beauty: Gucci, Saint Laurent, Bottega Veneta, Balenciaga, McQueen, Brioni, Boucheron, Pomellato, Dodo, Qeelin, Ginori 1735, as well as Kering Eyewear and Kering Beauté.
Inspired by their creative heritage, Kering Houses design and craft exceptional products and experiences that reflect the Group’s commitment to excellence, sustainability and culture.
This vision is expressed in our signature: Creativity is our Legacy. In 2024, Kering employed 47,000 people and generated revenue of €17.2 billion.
Context
Kering is strengthening its cybersecurity posture in a context of growing threats and digital transformation across its prestigious portfolio of luxury houses. To achieve this, a dedicated team of cybersecurity experts globally ensures comprehensive protection for the group and its brands.
We are currently looking for a GUCCI CISO & Deputy Group CISO to join our cybersecurity leadership team, reporting directly to the Group CISO.
Your Opportunity
You will lead cybersecurity operations for GUCCI directly and, as Kering Deputy Group CISO, structure the cybersecurity practice for Bottega Veneta, Brioni & Pomellato, working alongside experienced security professionals and in close collaboration with the GUCCI CTIO, IT teams, and corporate security functions. This is a hands-on leadership role where you'll build and orchestrate security capabilities across all domains – from governance and compliance to detection and response – while supporting the group's digital transformation and protecting the reputation of our iconic brands.
How You Will Contribute
As GUCCI CISO & Kering Deputy Group CISO, you will be responsible for:
Strategic Leadership & Governance
- Defining and implementing the cybersecurity strategy across GUCCI and other activities, aligned with the group's security framework structured around five pillars: Prevent, Comply, Protect, Detect & React, and Recover
- Establishing and maintaining strong collaborative relationships with GUCCI CTIO, Tech teams & houses CIOs, acting as their trusted security partner
- Leading security governance across GUCCI, ensuring consistency while respecting each house's unique operational needs
- Deputizing for the Group CISO in steering committees and executive meetings when needed
Operational Security Management
- Building, leading, and developing dedicated cybersecurity teams within GUCCI, including recruiting talent and defining team structures
- Managing internal resources focused on security projects (Prevent pillar) and industrial cybersecurity (Protect pillar)
- Orchestrating external security resources and service providers to deliver comprehensive protection
- Driving hands-on security initiatives across all domains, from architecture reviews to incident response coordination
Risk, Compliance & Policy Framework
- Defining and deploying information security policies tailored to GUCCI operations & across other houses
- Maintaining and evolving cyber risk mapping for subsidiaries, including project risk assessments and security remediation tracking
- Ensuring compliance with industry standards and regulations (PCI DSS, GDPR, ISO27001, local cybersecurity laws, etc.)
- Leading third-party security management, including supplier audits and vendor risk assessments
Protection & Resilience
- Overseeing the deployment and optimization of technical security controls across GUCCI and other subsidiaries (infrastructure, cloud, applications, OT/industrial systems)
- Coordinating with corporate SOC and CSIRT teams to ensure effective threat detection and incident response capabilities
- Defining and implementing business continuity and disaster recovery plans for critical systems
- Championing secure-by-design principles in digital transformation projects
Awareness & Culture
- Designing and rolling out engaging cybersecurity awareness programs for employees across GUCCI and other subsidiaries (communications, e-learning, events, gamification, etc.)
- Building a security-conscious culture that balances protection with the creative and operational needs of GUCCI and other houses
Reporting & Communication
- Producing regular security dashboards and metrics for the scope and group leadership
- Communicating security posture, incidents, and improvements to technical and non-technical audiences
- Coordinating external security audits and managing findings remediation
Who You Are
Required Experience & Skills:
- Education: Bachelor's or Master's degree in Computer Science, Information Systems, or Cybersecurity, ideally complemented by relevant security certifications (CISSP, CISM, ISO 27001 Lead Implementer, GIAC, SANS, or demonstrable equivalent expertise)
- Experience: Minimum 8-10 years in IT/cybersecurity roles with demonstrated progression, including:
  - At least 3-5 years in leadership positions managing security teams or programs
  - Hands-on experience across multiple security domains (not just GRC)
  - Track record of building or scaling security functions in complex, multi-entity environments
  - Experience in retail, e-commerce, or manufacturing environments is a strong plus
- Technical Expertise:
  - Strong understanding of cybersecurity across all domains: governance, risk management, security architecture, cloud security (AWS, Azure, GCP), network security, application security, endpoint protection, SOC/SIEM operations, incident response, and business continuity
  - Solid grasp of risk analysis methodologies (EBIOS, ISO 27005, NIST, etc.)
  - Knowledge of secure infrastructure design, systems administration, networking, cloud technologies, and industrial/OT security concepts
  - Understanding of modern DevSecOps and secure SDLC practices
- Compliance & Standards:
  - Deep knowledge of relevant regulations and frameworks (GDPR, PCI DSS, ISO 27001, NIS2, local data protection laws)
  - Ability to quickly assimilate new standards and translate regulatory requirements into practical security measures
- Passionate & Curious: Genuine enthusiasm for cybersecurity and technology, with a constant drive to learn and stay ahead of emerging threats
- Hands-On Leader: Not afraid to roll up your sleeves while also inspiring and developing your team
- Pragmatic & Results-Oriented: You know what works in practice, not just in theory, and can balance security rigor with business enablement
- Excellent Communicator: Ability to articulate complex security topics to diverse audiences, from developers to C-suite executives
- Relationship Builder: Natural ability to influence without authority and build trust with CIOs, business leaders, and technical teams
- Organized & Agile: Able to juggle multiple priorities across different entities while maintaining focus on strategic objectives
- Cultural Sensitivity: Appreciation for the unique culture, creativity, and brand values of luxury fashion houses
Languages
- Native Italian
- Fluent English is mandatory
Why work with us
Kering is committed to building a diverse workforce. We believe diversity in all its forms – gender, age, nationality, culture, religious beliefs, and sexual orientation – enriches the workplace. It opens up opportunities for people to express their talent, both individually and collectively, and it helps foster our ability to adapt to a changing world. As an Equal Opportunity Employer, we welcome and consider applications from all qualified candidates, regardless of their background.