Cdi - Cybersecurity Specialist - (H/F)

Job description

**The Context**:
Within the IT department, we are looking for a Cybersecurity Specialist who will be attached to the Operation IT department Pole.

**The role**:
The Cybersecurity Specialist role is to ensure the streamlined alignment of the Group and Holding Textile Hermès (HTH) department for all Information Security and IT Security matter. He/She is responsible for the security and associated compliance aspects in HTH.
- The primary purpose of this role is to ensure strong regional alignment with the Global CISO team/strategy and local regulations related to IT and Cybersecurity activities but also promote any regional requirements for integration in the Global Information Security strategy.
- The secondary purpose of this role is to manage and deliver several Cybersecurity Transformation Programs activities that fall within this domain. All the SecOps aspects like day to day operations, patch and vulnerability management or security architecture design are part of it.
- The third purpose of this role is to become a credible and recognized Information Security Single Point Of Contact (SPOC) across HTH able to influence at Senior level, educate the business functions; interact successfully with all oversight functions (risk, audit, legal ) and local regulators.

**Responsibilities**:

- Be the Regional entry point for the Global Cybersecurity team and the local functions for IT Security and Information Security.
- Provide Cybersecurity consultancy and advisory on cross-functional initiatives and special initiatives that occur as a result of an ad-hoc request received from the Business, the regulator or the IT Team.
- Ensure the adoption and compliance with the Hermès Information Security Policy as well as the global Information security processes and tools.
- In close collaboration with the Audit and Risks department team, be the local point of contact for all auditors (internal or external) and coordinate and/or lead all IT audits execution
- In close collaboration with the Global Cybersecurity team, manage the 3rd parties security assurance and annual re-certification activities for HTH.
- In close collaboration with the Global Cybersecurity team, monitor the IT & Information Security risks at local and regional level.
- Be a member of the regional incident response team taking the lead on all Cybersecurity and IT Security matters.
- Establish, own and manage Cybersecurity audit framework, leveraging on Group tools and processes while ensuring local criteria are in scope.
- Ensure alignment, implementation and monitoring of local regulations and policies in relation with the Global CISO.
- Act as a local business enabler for the Global Cybersecurity team and evangelise IT security via regular training sessions delivery ensuring that Cybersecurity is not seen as a blocker, but as a partner to endeavors and goals.
- Own projects delivery and initiatives within the Global Cybersecurity Roadmap providing tactical project management where necessary, SME guidance where appropriate and by calling on the resource of other teams and departments as required.
- Act as a collaborator across the CISO team and wider business, sharing knowledge and insight and helping develop individuals.
- Produce presentations and analysis describing Information Security and CISO team activities for a range of audiences with varying levels of seniority.
- Manage the Cybersecurity regional annual budget in coordination with the local management as well as the Global CISO.
- Liaise with other pillars to standardise Management Information (MI) reporting, with ownership of all MI data produced by the Operations pillar. Coordinate the production of MI, reporting packs and presentation materials within the CISO team and communicate the outputs to relevant internal and external parties.

**Position Requirements**
- University degree in a technology
- At least 3 years of experience in Cybersecurity/Infosec/IT infrastructure
- Certification such as the following is appreciated:

- CISSP
- CISM
- CISA
- CGEIT
- CRISC
- ISO 27001/5
- Knowledge of applicable data privacy practices, regulations and laws.
- Knowledge of network protocols and IT infrastructure.
- Proven experience working successfully with external service providers
- Strong understanding of project management principles.
- Excellent interpersonal skills.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed with ability to effectively prioritize tasks.
- Proven analytical, evaluative, and problem-solving abilities.
- Extensive experience working in a team-oriented, collaborative environment.
- Excellent English written and oral communication skills.

About the Hermès Group
- A creator, artisan and seller of high-quality objects since 1837, Hermès is an independent, family-owned French house that employs nearly 20,000 people worldwide. Driven by its permanent entrepreneurial spirit and consistently hig