KERING AMER Cybersecurity and PCI Engineer

KERING Cybersecurity and PCI Engineer

Job Family: Technology

Job Title: Cybersecurity and PCI Engineer

Location: Wayne, NJ

As a Global Luxury group, Kering manages the development of a series of renowned Maisons in Fashion, Leather Goods, Jewelry, and Watches: Gucci, Saint Laurent, Bottega Veneta, Balenciaga, Alexander McQueen, Brioni, Boucheron, Pomellato, Dodo, Qeelin, as well as Kering Eyewear. By placing creativity at the heart of its strategy, Kering enables its Maisons to set new limits in their creative expression while crafting tomorrow's Luxury sustainably and responsibly. We capture these beliefs in our signature: "Empowering Imagination." In 2020, Kering had nearly 30,000 employees and restated revenue of €13.1 billion.

HOW YOU WILL CONTRIBUTE

• Closely work with Kering global CSIRT and SOC team, respond to security incidents to quickly identify and contain potential threats
• Conduct vulnerability scans and remediation in liaison with infrastructure and application teams to improve the security of critical digital assets
• Proactive search and identify security and PCI compliance gaps in existing or proposed architectures and processes, and recommend risk mitigation measures
• Contribute to technical solution design and development of cloud and on-premises security architectures. Manage and support global security strategy and execution of technologies and solutions.
• Perform security and risk assessment to ensure payment security and PCI compliance in retail and e-commerce. Lead PCI controls implementation and remediation projects
• Participate in PCI DSS assessment and remediation to maintain compliance status of retail and e-commerce payment systems

WHO YOU ARE

• 3 years of Experience as an incident handler, security engineer, security tester, or similar security practice roles in a global, multinational environment
• Experience in security assessment, penetration test, forensic analysis, threat detection, and containment
• Knowledge of emerging cyber-attacks, countermeasures, and best practices in retail and e-commerce systems. Familiar with current attack methodologies, campaigns, platforms, and tools
• In-depth Knowledge of firewall, logging, FIM, encryption, packet analysis, and internet security
• Subject matter expert in system security lockdown in Windows, Linux, web applications, and appliances
• Familiar with OWASP top 10 common vulnerabilities, secure coding best practices, web application security assessment
• Knowledge of credit card payment processing, payment solutions, payment devices, and PCI Security Standards
• Hands-on work experience with cloud services (AWS, Azure) infrastructure solution or Cloud security management

Preferred Qualifications/Certifications: (nice to have):

• Professional certification like CISSP, CISM, CISA, GIAC, CEH, OSCP
• Cloud professional certification (AWS, Azure)