Cyber Security Manager

About OTB Group
OTB is an international fashion group powering a range of global, unconventional brands, including Diesel, Maison Margiela, Marni, Viktor&Rolf, and Jil Sander. The group also controls the Staff International and Brave Kid companies and holds a stake in L.A. brand Amiri. As its name suggests (OTB, short for “Only The Brave”), the group pushes boundaries and challenges established rules to redefine the world of fashion and lifestyle. OTB fosters the creativity of international talents and expresses the brave, innovative and unapologetic spirit and vision of its founder and chairman Renzo Rosso. With more than 6,000 employees worldwide, the Group is based on a customer centred digital approach, a concrete long-term commitment to the creation of a sustainable and technologically driven business, and a close attention to social issues through the OTB Foundation.
 

OTB Spa is looking for a Cyber Security Manager for its offices in Breganze (VI) or Milan. The Cyber Security Manager will join the IT Department, inside Infrastructure & Operations division, reporting directly to the Infrastructure & Operations Director and he/she will manage all Cyber Security related activities within OTB group.

The main responsibilities of the role will be:

• Management, configuration, patching, monitoring and fine tuning of the Vulnerability & Application Scanning products;
• Management and operation of the L7 security tool such as EDR, EPP, WAF, IDS/IPS, SWG;
• Setting security configuration standards for IT systems (e.g., operating system hardening etc.);
• Planning, research and development security policies, procedures and control techniques by proposing and conducting research of new security technologies in order to identify and establish good security governance;
• Working with other department in order to define, maintain and update Information Systems Security policies, procedures, and practices;
• Interact with External SOC and apply any suggested recommendation / remediation;
• Perform security incident evidence gathering, evaluations, remediation, review and analysis;
• Coordinate Junior Resources on all the Cyber Security Activities in charge to the area;
• Inform, advise and issue recommendations regarding compliance with data protection laws (GDPR);
• Support the third-party risk assessment process to rate third party involved in data processing.

Job requirements:

• Degree in Computer Science, Engineering, Telecommunications, Economics;
• At least 7 years of experience in Cyber Security;
• In-depth understanding of vulnerabilities management systems and common security applications;
• Hands-on experience and knowledge on the following technologies:
  • Firewall, WAF, VPN, IDS/IPS, EDR, EPP, DLP, SWG, CASB, NAC, IAM;
  • Penetration testing, vulnerability scanning, SIEM, SOAR, patch management solution, data leakage solution, DDOS prevention, DNS Security, Cloud Security;
• Familiarity with the NIST Cybersecurity Framework and a threat intelligence framework such as MITRE ATT&CK;
•  Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT;
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), SANS GSEC, Certified Ethical hacker or other similar credentials, is highly desired;
• Proved experience with supporting an environment that includes Microsoft Windows, UNIX, Macintosh OSX, Linux and mobile operating systems;
• Good influencing and project management skills; 
• Experience working with multiple stakeholders from different functions and different organizational levels.
   

#OTB #LI-HYBRID #LI-ANR