Overview Richemont owns some of the world’s leading luxury goods Maisons, with particular strengths in jewellery, watches, fashion and accessories. Each Maison represents a proud tradition of style, quality and craftsmanship and Richemont seeks to preserve the heritage and identity of each of its Maisons. At the same time, we are committed to innovation and designing new products which are in keeping with our Maisons’ values, through a process of continuous creativity.
Role Manager, Cyber Resilience Architecture
“Digital transformation is at the forefront of our Group development. This transformation will open a lot of new opportunities on all the area and domains where the Group operates. Join us if you want to play a key role in this thrilling transformation by partnering with our business functions to enable a secure innovation and to keep our people and assets safe and secured.”
Context You, as a Manager, Cyber Resilience Architecture, will become a member of the Richemont Group Cyber Resilience department, a highly motivated and dynamic global team. You will work with our Richemont Group including all worldwide Maisons. You will be leading the cyber architecture team and report to the Head of Group Cyber Risk & Advisory. Sitting in the 2nd line of defense, you will provide guidance and advisory to business and technical functions within the Group to enable security by design and oversee the security architecture.
You will provide global guidance, oversight and definition of cyber security concepts and models along with cyber security best practices. You, together with your team, will enable the Group to achieve its business strategy and objectives in a secure and resilient manner.
You will be leading and supporting various initiatives aiming to define and deploy processes, awareness and technologies related to cybersecurity architecture.
You will be given the mandate and opportunity to bring efficiency in the team by identifying areas of improvement, optimization and automation. In addition, you will work on objectives to advance the architecture framework, increase overall maturity of the function and value provided to business partners.
You will also actively participate in other risk assessment activities, such as the definition and update of cyber security policies and baselines, control objectives or security best practices/guidance, security architecture review, awareness campaigns, third party security due diligence, cyber control management etc.
Your role will involve a prominent level of collaboration with key stakeholders from the business as well as other security specialists, technology communities, control owners and external vendors.
How will you make an impact? Your key responsibilities will be the following:
Lead the cybersecurity architecture framework definition and implementation Develop and implement cybersecurity architecture strategy across the entire Group
Establish effective governance practices to guide the architecture practice and ensure sustainable and scalable evolution of the service
Enable control owners to fully comprehend their responsibilities and take ownership of control activities
Lead a multicultural and strong team with a clear vision and strategy Develop and communicate a compelling vision that resonates with team members and leadership expectations
Foster an inclusive and collaborative team culture
Provide mentorship and resources to support the professional development of every team member
Establish team goals and ensure their successful attainment and future development
Engage with various Richemont entities’ executives and drive or participate in cyber assessments at strategical level
Oversee and support the scaling of the cybersecurity control framework toward the Group
Translate intricate security concepts into easily understandable language. Advise business units, operational teams, and IT teams on cybersecurity architecture concepts, to ensure only acceptable risks are introduced to the Group, and to make sure Richemont keeps compliant with legislations and regulatory requirements
Track and monitor cyber risk remediation/mitigation measures
Serve as a senior cyber architect subject matter expert to business and technical functions in the Group
Collaborate with cyber risk managers and advisors to ensure that cyber security best practices are properly and systematically embedded within business and enterprise applications, services, platforms, and processes (enforce security by design)
Research emerging concepts and solutions to secure complex business problems, enhancing depth of knowledge and experience. Benchmark cyber risk and security strategies in alignment with threat and risk landscapes
Assist in deployment of cybersecurity awareness program for the Group
Define and maintain KPIs to provide visibility to stakeholders and management
How will you experience success with us? For this role you will need to demonstrate a certain maturity in the below skills:
Strong background in various cyber security roles with a focus on cyber architecture, infrastructure, technology
Excellent communication skills including the ability to adapt and communicate toward several types of audiences, at various hierarchical levels (up to C-Level)
Proven knowledge and hands-on expertise on information security principles and practices
SME (Subject Matter Experts) in control management frameworks, such as NIST CSF, CIS top 20, ISO 27002, NIST 300-53 etc.
Master one of the industry-recognized risk management frameworks (FAIR, NIST RMF, ISO 27005, ISO 31000, COSO, others)
Strong advantage is also mastering any of the industry-recognized enterprise architecture frameworks (TOGAF, Zachman Framework, FEAF, GARTNER, or similar)
Knowledge of other frameworks is a plus
Industry recognised Security Certifications are a plus (e.g., CISSP, CISM, CRISC, NIST CSF, etc.)
Industry recognised Cloud Security Certifications are a plus
Familiar with various international security and privacy regulations (GDPR, Chinese Cyber Security Law, South Korea PIPA, etc.)
Business acumen
Experience in project management
Very good analytical and problem-solving skills
Experience working in large, multi-tier and international environments
Fluent in English. Additional languages are a plus
What makes our group different? Our true power does not lie in our similarities but in the rich diversity of our arts, cultures, and human skills, as well as our specific ability to foster untapped potential.
We value freedom, collegiality, loyalty, and solidarity.
We foster empathy, curiosity, courage, humility, and integrity.
We care for the world we live in.
Your journey with us If your application is selected, our Talent Acquisition Partner will reach out to you shortly for an introductory call.
As a next step, you will have interviews with the Head of Group Cyber Risk & Advisory, and any relevant internal stakeholder. Also, you will have a final interview with our HR Business Partner.
#J-18808-Ljbffr