Cyber Security Defense Expert

Le poste

Cyber Security Defense Expert is an IT professional who will support and will assist CISO in the design, implementation and maintenance of the company security and compliance plan ensuring alignment with the Group standards, practices and principles across all regions.

This role demands a highly skilled cybersecurity professional to manage the full spectrum of security operations, from building and maintaining robust defenses and proactively hunting threats, to managing vulnerabilities, ensuring compliance through continuous monitoring of security operational tools, and performing offensive audits to secure the organization against evolving cyber risks.

Les missions

The resource will support the Loro Piana IT Team & CISO in all the activities related to new IT and digital projects and will be involved in the following activities:

• Responsible for the enhancement of the 3rd party Security Operation Center and for resolution of security events and incidents.
• Lead incident response and manage crisis
• Coordinate and oversee security test activities (VA and Pen Test) for the certification of new architectures and initiatives.
• Coordinate and oversee remediation programs (e.g. patch management activities, support in fix vulnerabilities).
• Ensure communication & coordination with the Group
• Assist CISO to coordinate outsourced projects for the implementation or the enhancement of cyber security services (SIEM, EDR/AV, DLP, ANTISPAM, BAS, Red Team activities etc.).

The role holder will also coordinate with the IT team to promote training activities in the Security Development & Vulnerability management process.

Votre profil

General Qualifications:

• Bachelor/Master Degree in Computer Science or Engineering.
• Fluent in English/Italian (both spoken and written).
• At least 4/5 years of experience with information security.
• Preferred experience in retail – luxury or in any industry where intellectual property protection is relevant
• Security Certifications are a plus (e.g. CompTIA Security+, GIAC GISF, ISO 27001, etc.).
• Ability to constructively and proactively interact with other structures, suppliers and stakeholders, respecting needs of each role.
• Flexibility, autonomy, speed; highly assertive candidate, with strong goal orientation.
• Problem solving and strategic vision.

Cybersecurity Solutions:

• At least 4/5 years of proven experience as a cyber defense systems administrator, with hands-on experience in at least four of the following tools: EDR, AV, SIEM, Antispam, Devices Control, ISPM, CSLP, DSPM, DLP, WAF/Bot Manager.
• Knowledge of communication networks, architectures, infrastructures, and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, Proxy, NAC, etc.).

Detection and Response (SOC/CERT):

• Proven experience as Incident Handler, encompassing response to issues and alerts, investigation, and remediation (directly or follow-up action).
• Experience in cyber incident detection leveraging cyber platforms.
• Understanding of Cyber Threat Intelligence, including monitoring threats, 3rd party and potential leaks, domain registrations, and fraudulent websites.
• Familiarity with Threat Hunting methodologies to proactively search for undetected threats and monitor suspicious scenarios triggered by detection rules.
• Ability to manage crises according to incident response plans.

Vulnerability Management:

• Good knowledge of the end-to-end Vulnerability Management process and related industry standards, such as CVE, CPE, CVSS.
• Good knowledge of the application development life cycle and secure development methodologies.

Operational Compliance:

• Good knowledge of SIEM tools or PowerBI for collecting compliance status and creating operational dashboards enabling continuous monitoring of compliance (security product coverage, log collection, issue handling, etc.) and ensuring adherence to best practices.

Offensive Audit:

• Plan and execute offensive security activities, including penetration testing, red teaming exercises, and bug bounties, to identify and exploit vulnerabilities proactively.
• Conduct configuration audits to ensure system robustness against malicious actors.