KERING TECHNOLOGIES Information Security Risk Assessor

Your opportunity

During the last 2 years, Cybersecurity team have established a baseline of practices to secure projects delivered by Kering IT teams.To reinforce and strengthen business relationship with GUCCI teams, we are opening a dedicated position in Cybersecurity teams to address Gucci initiatives and ensure proper risk monitoring with Gucci’s CISO.

How you will contribute

You will be entitled to assess, report and monitor Cyber risks related to GUCCI’s scope of project.

Those activities will include:

• Manage and continuously improve the risk analysis activity in projects, as well as the monitoring of security remediation actions.

• Manage and support project managers (IT and/or other professions) on the security aspects of projects. Monitor and ensure the level of security in all stages of projects in connection with project governance

• Contribute to the management of the group's Governance, Risk and Compliance team in connection with the Prevent & Comply approach defined in the security strategy

• Enforce and monitor the correct application of the group's security norms and standards and actively contribute to their definition

• Actively contribute to the definition and implementation of the group's information security policies, to be applied to all houses and brands

• Ensure that security is taken into account in contracts with third parties and that security is properly taken into account by the latter via a regular audit

• Manage the performance of standard external security audit services in conjunction with other team

Who you are

• IT Science Degree or Information Security related degree or a closely related field, ideally supplemented security certifications CISSP, ISO 2700X, CISA, CRISC, OCSP, GIAC, SANS or equivalent demonstrable skills

• At least 3 years of professional experience in the field of Information Security, including at least 2 years in one of the areas of risk management or compliance, security engineer or risk assessor

• Solid expertise in risk management processes, techniques, and tools (ISO27005, NIST, etc..). A good mastery of the main concepts of technical architecture, cloud, systems, networks

• Passionate about security and technology, curious

• Excellent formalization and writing skills for policies or presentation materials for the various committees

• Compliance, regulations and standards: Knowledge of the main regulations and ability to assimilate new standards and benchmarks

• Management and leadership skills

• Organizational skills and excellent communication

• Fluent English and Italian

Why work with us?

This is an excellent opportunity to join the Kering adventure in a moment of extraordinary growth and become part of a dynamic team in a global Luxury group that offers endless possibilities to learn and grow. Talent development is a managerial principle at Kering and we are committed to fostering internal mobility. Our common vision promotes leadership skills and helps every employee to reach their full potential in a stimulating and fulfilling workplace environment.

Kering is committed to building a diverse workforce. We believe diversity in all its forms – gender, age, nationality, culture, religious beliefs and sexual orientation – enriches the workplace. It opens up opportunities for people to express their talent, both individually and collectively and it helps foster our ability to adapt to a changing world. As an Equal Opportunity Employer, we welcome and consider applications from all qualified candidates, regardless of their background.