Manager, Cyber Resilience Architecture

"Digital transformation is at the forefront of our Group development. This transformation will open a lot of new opportunities on all the area and domains where the Group operates. Join us if you want to play a key role in this thrilling transformation by partnering with our business functions to enable a secure innovation and to keep our people and assets safe and secured.”

CONTEXT

You, as a Manager, Cyber Resilience Architecture, will become a member of the Richemont Group Cyber Resilience department, a highly motivated and dynamic global team. You will work with our Richemont Group including all worldwide Maisons. You will be leading the cyber architecture team and report to the Head of Group Cyber Risk & Advisory. Sitting in the 2nd line of defense, you will provide guidance and advisory to business and technical functions within the Group to enable security by design and oversee the security architecture.

You will indeed provide global guidance, oversight and definition of cyber security concepts and models along with cyber security best practices. You, together with your team, will enable the Group to achieve its business strategy and objectives in a secure and resilient manner. 

You will be leading and supporting various initiatives aiming to define and deploy processes, awareness and technologies related to cybersecurity architecture.

You will be given the mandate and opportunity to bring efficiency in the team by identifying areas of improvement, optimization and automation. In addition, you will work on objective to advance the architecture framework, increase overall maturity of the function and value provided to business partners.

You will also actively participate to other risk assessments activities, such as, the definition and update of cyber security policies and baselines, control objectives or security best practices/guidance, security architecture review, awareness campaigns, third party security due diligence, cyber control management etc.

Your role will involve a prominent level of collaboration with key stakeholders from the business as well as other security specialists, technology communities, control owners and external vendors. 

HOW WILL YOU MAKE AN IMPACT?

Your key responsibilities will be the following:

• Lead the cybersecurity architecture framework definition and implementation
• Develop and implement cybersecurity architecture strategy across the entire Group
• Establish effective governance practices to guide the architecture practice and ensure sustainable and scalable evolution of the service
• Enable control owners to fully comprehend their responsibilities and take ownership of control activities
• Lead a multicultural and strong team with a clear vision and strategy
• Develop and communicate a compelling vision that resonates with team members and leadership expectations
• Foster an inclusive and collaborative team culture
• Provide mentorship and resources to support the professional development of every team member
• Establish team goals and ensure their successful attainment and future development
• Engage with various Richemont entities’ executives and drive or participate in cyber assessments at strategical level
• Oversee and support the scaling of the cybersecurity control framework toward the Group
• Translate intricate security concepts into easily understandable language Advise business units, operational teams, and IT teams on cybersecurity architecture concepts, to ensure only acceptable risks are introduced to the Group, and to make sure Richemont keeps compliant with legislations and regulatory requirements
• Track and monitor cyber risk remediation/mitigation measures
• Serve as a senior cyber architect subject matter expert to business and technical functions in the Group
• Collaborate with cyber risk managers and advisors to ensure that cyber security best practices are properly and systematically embedded within business and enterprise applications, services, platforms, and processes (enforce security by design)
• Research emerging concept and solutions to secure complex business problems enhancing depth of knowledge and experience. Benchmarks cyber risk and security strategies in alignment with threat and risks landscapes
• Assist in deployment of cybersecurity awareness program for the Group
• Define and maintain KPIs to provide visibility to stakeholders and management

HOW WILL YOU EXPERIENCE SUCCESS WITH US?

For this role you will need to demonstrate of a certain maturity in the below skills:

• Strong background in various cyber security roles with a focus on cyber architecture, infrastructure, technology
• Proven experience in people management
• Excellent communication skills including the ability to adapt and communicate toward several types of audiences, at various hierarchical levels (up to C-Level)
• Proven knowledge and hands-on expertise on information security principles and practices
• SME (Subject Matter Experts) in control management frameworks, such as NIST CSF, CIS top 20, ISO 27002, NIST 300-53 etc.
• Master one of the industries recognized common risk management frameworks (FAIR, NIST RMF, ISO 27005, ISO 31000, COSO, others)
• Strong advantage is also mastering any of the industry-recognized enterprise architecture frameworks (TOGAF, Zachman Framework, FEAF, GARTNER, or similar)
• Knowledge of the other frameworks is a plus
• Industry recognised Security Certifications are a plus (e.g., CISSP, CISM, CRISC, NIST CSF, etc.)
• Industry recognised Cloud Security Certifications are a plus
• Familiar with various international security and privacy regulations (GDPR, Chinese Cyber Security Law, South Korea PIPA, etc.)
• Business acumen
• Experience in project management
• Very good analytical and problem-solving skills
• Strong collaborative mindset
• Experience working in large, multi-tiers and international environments
• Fluent in English. Additional languages are a plus

WHAT MAKES OUR GROUP DIFFERENT?
Our true power does not lie in our similarities but in the rich diversity of our arts, cultures, and human skills, as well as our specific ability to foster untapped potential.

- We value freedom, collegiality, loyalty, and solidarity.
- We foster empathy, curiosity, courage, humility, and integrity.
- We care for the world we live in.

YOUR JOURNEY WITH US

1. If your application is selected, our Talent Acquisition Partner will reach out to you shortly for an introductory call.

2. As a next step, you will have interviews with the Head of Group Cyber Risk & Advisory, and any relevant internal stakeholder. Also, you will have a final interview with our HR Business Partner.