Kerja Sepenuh Masa, Information Security, Assistant Manager di LVMH Perfumes & Cosmetics - Maukerja

L Beauty is a Joint Venture between LVMH and Luxasia (Singaporean group) in charge of the distribution of 7 brands of LVMH Perfumes and Cosmetics products in South-East Asia Local Markets (Indonesia, Malaysia, Thailand, Philippines, Singapore & Vietnam).

Organization

Reporting to: Frédéric Jactel, Beauty Tech APAC CIO

Location: Singapore

Purpose of the job

As a Regional Information Security Manager for APAC, you will report to the Beauty Tech Chief Information Officer for the APAC Region.

You will work closely with the Beauty Tech / LVMH global Cybersecurity team and with Regional and Local IT Teams to ensure the correct implementation of the Beauty Tech Cybersecurity Policy on the APAC scope.

In particular, you will monitor the roll-out of the different action plans linked to the implementation of the Cybersecurity policy, identify cybersecurity risks and follow up associated action plans and ensure proper management of cybersecurity incidents.

Main responsibilities

As Regional Information Security Manager for Beauty Tech, your main missions will be:

Ensure the roll-out of the global Beauty Tech Cybersecurity Policy on the APAC scope

• Align with Beauty Tech global Cybersecurity team on priorities and roadmaps
• Contribute to the evolution of the global Cybersecurity Policy, guidelines and documentation
• Provide support to Data Privacy teams in the different Markets
• Provide support to Local and Regional Teams to implement security actions / projects
• Roll-out controls defined by the global Beauty Tech Cybersecurity Team to monitor the level of compliance with the Cybersecurity Policy and define new controls if needed
• Manage exceptions to the Cybersecurity Policy

Promote a Cybersecurity culture across the organization

• Regularly communicate on best security practices to Regional and Local IT Teams in alignment
• Relay global awareness and training programs issued by the global Beauty Tech Cybersecurity team and set up specific awareness / trainings if needed

Set up and maintain a Security by Design process to ensure integration of cybersecurity in new projects and initiatives at Regional and Local scales

• Set up processes with Regional and Local IT Teams to ensure integration of cybersecurity in new projects based on framework and tool provided by global Cybersecurity team
• Perform risk analysis on the projects and provide action plan to project teams to reduce identified risks
• Share risks identified with global Cybersecurity team and report major risks to Regional CIO

Manage Cybersecurity audits on the APAC scope

• Organize cybersecurity audits for key Regional and Local projects before go-live
• Organize regular cybersecurity audits on critical infrastructures / applications deployed in the Region and in the different Markets
• Contribute to global cybersecurity audits that might be led on the
• Follow up correction plans coming from the different audits

Manage Cybersecurity incidents on the APAC scope

• Serve as point of contact for the global CyberSOC for all cybersecurity incidents
• Provide support to Regional and Local IT teams for the understanding of incidents raised by the CyberSOC and necessary remediation actions
• Follow up the correct resolution of cybersecurity incidents by Regional and Local IT teams
• Participate to the global response team in case of a major incident on Beauty Tech scope
• Suggest improvement plans based on the return of experience of previous incidents

Relationships

Within LVMH Beauty Tech:

• Global Cybersecurity team (CISO, CyberSOC, Audit team, Security by Design team)
• Regional Beauty Tech teams and Local IT Managers

With LVMH Beauty Maisons:

• Legal teams (on compliance, data privacy, …)
• Business teams (on security by design, risk assessment, …)
• End-users (on awareness, incident management, …)

With LVMH Group

• Regional / Local Security Teams from LVMH IT

Profile

Job skills

• Knowledge of key security standards (ISO 2700X, PCI-DSS, CIS, NIST, OWASP, …)
• Risk Management

Technical skills

• Cybersecurity
• Network
• Windows and Linux systems
• Cloud
• Familiar with privacy regulations

Experience

• 5-10 years of experience in Cybersecurity

Languages

• English