Apply now »Reference Code: 110959
Senior Manager, Group Cyber Incident Response Richemont Bellevue, GE, CH
Permanent Richemont owns some of the world’s leading luxury goods Maisons, with particular strengths injewellery,watches, fashion and accessories. Each Maison represents a proud tradition of style, quality and craftsmanship and Richemont seeks to preserve the heritage and identity of each of its Maisons. At the same time, we are committed to innovation and designing new products which are in keeping with our Maisons’ values, through a process of continuous creativity.
Senior Manager, Group Cyber Incident Response
CONTEXT
The Senior Manager, Group Cyber Incident Response (IR) is a critical leadership role within the Group CSIRT, reporting to the Head of Group Cyber Fusion Operations Center. This position is accountable for designing, executing and continuously maturing a unified, end-to-end incident response capability across all regions (APAC, EMEA and Americas). You will lead the Regional Cyber IR Managers in APAC, Europe and US, ensuring consistency of people, processes and tools; serve as the ultimate escalation point for major incidents; and deliver enterprise-wide visibility into cyber threat posture, response performance and control effectiveness.
HOW WILL YOU MAKE AN IMPACT?
Global Incident Response Strategy & Governance Partner with the Head of Group Cyber Fusion Operations Center, Group CISO and CSO office to define and maintain a coherent, scalable incident response strategy and governance framework that aligns with the broader Security and Risk strategies
Establish global policies, standards, and playbooks; ensure regional adaptation while preserving consistency in methodology, tooling, and metrics
Team Leadership & Development Directly manage three Regional Cyber IR Managers, setting objectives, conducting performance reviews, and fostering a culture of continuous learning and excellence
Drive talent development programs (mentoring, certification roadmaps, cross-regional rotations) to build bench strength and reduce single-points of dependency
Incident Oversight & Escalation Serve as the global escalation point for high-impact or cross-region incidents; coordinate executive-level communications and decisions
When needed act as Incident Commander ensuring coordination of filed activities, external stakeholders and executive reporting
Oversee post-incident reviews (PIRs) across regions, ensuring lessons learned drive actionable improvements in detection, containment, and recovery
Forward crisis management to C-Level
Operational Excellence & Continuous Improvement Define enterprise-wide KPIs (e.g., Mean Time to Detect, Mean Time to Respond, playbook adherence) and dashboard reporting to provide the Head of CSIRT with real-time insights into IR effectiveness
Lead quarterly IR maturity assessments, leveraging industry frameworks (e.g., NIST, SANS) to benchmark and prioritize investments in people, process, and technology
Playbook & Toolchain Management Standardize and version-control incident response playbooks, ensuring they address emerging threat scenarios (e.g., supply-chain attacks, cloud compromises, ransomware)
Evaluate and pilot advanced IR tooling (EDR/XDR, SOAR orchestration, threat intelligence platforms) to automate repetitive tasks and elevate analyst productivity
Stakeholder Engagement & Communication Liaise with Global Security Operations, IT, Legal, Compliance, and Business Continuity teams to integrate incident response into enterprise risk management
Present quarterly IR program reviews to the Security Leadership Team and provide executive summaries for the Audit & Risk Committee
HOW WILL YOU EXPERIENCE SUCCESS WITH US?
Leadership & Communication Exceptional people-management skills: Demonstrate ability to lead by example, inspire, coach, and hold accountable a geographically dispersed leadership team
Active Listening: Prioritize attentive, non-judgmental listening to ensure all voices are heard and valued
Executive-caliber communication: adept at translating technical findings into risk-based business recommendations
Experience engaging with Boards, Audit Committees, and regulators on incident response posture, metrics, and compliance
Experience & Certifications 8+ years in Cyber Security, with at least 3 years managing multiple IR teams or managers in a global/multinational setting
Proven track record coordinating large-scale, complex cyber investigations and cross-border incident escalations
Industry certifications such as CISSP, GCIH, GCFA, GCIA or equivalent; advanced credentials (e.g., OSCE, GREM) highly desirable
Technical & Analytical skills Deep understanding of modern threat landscapes, including advanced persistent threats (APTs), ransomware ecosystems, and cloud-native attacks
Proficiency with SIEM, EDR/XDR, SOAR platforms, threat intelligence sources, and log analytics
Strong data-driven mindset; able to derive insights from incident metrics, logs, and telemetry to guide strategic decisions
Personal attributes Collaborative mindset with a bias for action under pressure
High integrity, resilience, and commitment to driving a security-first culture
Fluent in English; additional languages (e.g., French) are a strong asset
WHAT MAKES OUR GROUP DIFFERENT?
Our true power does not lie in our similarities but in the rich diversity of our arts, cultures, and human skills, as well as our specific ability to foster untapped potential.
- We value freedom, collegiality, loyalty, and solidarity.
- We foster empathy, curiosity, courage, humility, and integrity.
- We care for the world we live in.
YOUR JOURNEY WITH US
1. If your application is selected, our Talent Acquisition Partner will reach out to you shortly for an introductory call.
2. As a next step, you will have interviews with the Head of Group Cyber Fusion Operations Center, and any relevant internal stakeholder. Also, you will have a final interview with our HR Business Partner.
#Richemont#WeCraftTheFuture
Apply now »
#J-18808-Ljbffr