KERING TECHNOLOGIES Information Security Risk Assessor
Kering - Regular
MILANO - Italy
During the last 2 years, Cybersecurity team have established a baseline of practices to secure projects delivered by Kering IT teams.To reinforce and strengthen business relationship with GUCCI teams, we are opening a dedicated position in Cybersecurity teams to address Gucci initiatives and ensure proper risk monitoring with Gucci’s CISO.
How you will contribute
You will be entitled to assess, report and monitor Cyber risks related to GUCCI’s scope of project.
Those activities will include:
Manage and continuously improve the risk analysis activity in projects, as well as the monitoring of security remediation actions.
Manage and support project managers (IT and/or other professions) on the security aspects of projects. Monitor and ensure the level of security in all stages of projects in connection with project governance
Contribute to the management of the group's Governance, Risk and Compliance team in connection with the Prevent & Comply approach defined in the security strategy
Enforce and monitor the correct application of the group's security norms and standards and actively contribute to their definition
Actively contribute to the definition and implementation of the group's information security policies, to be applied to all houses and brands
Ensure that security is taken into account in contracts with third parties and that security is properly taken into account by the latter via a regular audit
Manage the performance of standard external security audit services in conjunction with other team
Who you are
IT Science Degree or Information Security related degree or a closely related field, ideally supplemented security certifications CISSP, ISO 2700X, CISA, CRISC, OCSP, GIAC, SANS or equivalent demonstrable skills
At least 3 years of professional experience in the field of Information Security, including at least 2 years in one of the areas of risk management or compliance, security engineer or risk assessor
Solid expertise in risk management processes, techniques, and tools (ISO27005, NIST, etc..). A good mastery of the main concepts of technical architecture, cloud, systems, networks
Passionate about security and technology, curious
Excellent formalization and writing skills for policies or presentation materials for the various committees
Compliance, regulations and standards: Knowledge of the main regulations and ability to assimilate new standards and benchmarks
Management and leadership skills
Organizational skills and excellent communication
Fluent English and Italian
Why work with us?
This is an excellent opportunity to join the Kering adventure in a moment of extraordinary growth and become part of a dynamic team in a global Luxury group that offers endless possibilities to learn and grow. Talent development is a managerial principle at Kering and we are committed to fostering internal mobility. Our common vision promotes leadership skills and helps every employee to reach their full potential in a stimulating and fulfilling workplace environment.
Kering is committed to building a diverse workforce. We believe diversity in all its forms – gender, age, nationality, culture, religious beliefs and sexual orientation – enriches the workplace. It opens up opportunities for people to express their talent, both individually and collectively and it helps foster our ability to adapt to a changing world. As an Equal Opportunity Employer, we welcome and consider applications from all qualified candidates, regardless of their background.
- Full time