Cyber Risk Governance Specialist
Luxembourg, LU
il y a 1m


Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®.

As the love for our brands continues to grow, so too does our global reach. Represented in 55 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world.

The secret to our global success? Nearly 35,000 dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of.

Join us, and you could be one of them.

About the Role :

For our Group's Headquarters in Luxembourg we are looking for a Cyber Risk Governance Specialist who will report managerially to Cyber Risk Governance.

The Cyber Risk Governance Specialist is responsible for supporting the definition of policies, procedures, operational guidelines or standards for Cybersecurity process while ensuring an overall direction for the Cybersecurity Information Security Management System.

The incumbent :

  • maintains and continuously helps evolving corporate Cybersecurity Policy & Procedures Framework, cooperating with the Cyber Risk Governance;
  • is responsible for executing Cyber risk management methodology, completing the more operational tasks and supporting Cyber Risk Governance in monitoring the overall Group Cyber Risk profile;
  • assists with the implementation of specific initiatives to support Cybersecurity compliance efforts in relation to an evolving global, legal and regulatory landscape.
  • Main Responsibilities :

    Main Tasks :

  • Support the definition and maintenance policy and procedure based on Ferrero’s environment and industry leading practices;
  • Support the integration of Cybersecurity risk and compliance aspects into other Group processes in a proper manner;
  • Perform Cybersecurity risks assessments (e.g. impacts and likelihood) to confirm or update risk levels;
  • Assist in the monitoring of intelligent tracking, prioritizing and responding to findings (remediation plans) to ensure effectiveness in reducing Cyber risks to an acceptable level;
  • Support the institution of a program of IT asset risk management;
  • Support the appropriate stakeholders in order to retrieve, map and classify the information handled by applications;
  • Support the evaluation of third-party providers of services in order to integrate the periodical Cyber Risk evaluation;
  • Support the execution of the activities developed to increase the understanding of Cybersecurity risk management and Cybersecurity compliance obligations, in collaboration with Training, Awareness and Communication.
  • Who we are looking for :

    Profile :

  • Master Degree in Information Technology or other related fields;
  • 3-5 years of work experience in a similar position or in cybersecurity strategy consultancy;
  • Work experience in the definition and maintenance of a Cybersecurity Policies, Procedures and Processes Framework leading to its evolution;
  • Experience in applying methodologies or processes to analyze Cybersecurity risks (e.g. impacts and likelihood evaluation) and to monitor Cybersecurity risk levels;
  • Experiences in Manufacturing and / or Food & Beverage Environment are considered a plus;
  • International mindset;
  • Team and collaboration orientation;
  • Problem solving and performance driven;
  • Effective written / verbal communication skills;
  • Outstanding analytical and conceptual skills;
  • Knowledge in :
  • In design and implementation of frameworks aimed to govern the Cybersecurity maturity of business environments;
  • Of the typical activities related to the interaction between an asset catalog and the application classification during a Risk Assessment;
  • In Cybersecurity international standards, law and regulations (e.g. ENISA, NIST, ISO27000).
  • IT Skills & Other :

  • Proficiency in MS Office skills Advanced in Excel;
  • Professional certifications are considered a plus, as :
  • ISO / IEC 27001 : 2013 Auditor / Lead Auditor;
  • GCCC : GIAC Critical Controls Certification;
  • CISM : Certified Information Security Manager;
  • CISA : Certified Information Systems Auditor;
  • Other equivalent certification.
  • Language Skills :

  • Fluency in spoken and written English;
  • Knowledge of Italian will be considered a plus.
  • How to be successful in the role and at Ferrero :

    Consumers, quality and care are at the heart of everything we do. So, to be successful at Ferrero, you’ll need to be just as consumer and product centric as we are - dedicated to crafting brilliant results for consumers around the world.

    Signaler cette offre d'emploi

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Formulaire de candidature