Job Location : Luxembourg
Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®.
As the love for our brands continues to grow, so too does our global reach. Represented in 55 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world.
The secret to our global success? Nearly 35,000 dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of.
Join us, and you could be one of them.
About the Role :
For our Group's Headquarters in Luxembourg we are looking for an Information Protection & Identity Governance Manager who will be responsible for achieving and maintaining appropriate protection of corporate information.
More specifically he / she will :
Design, implement and manage processes and tools to classify, monitor and protect information during its life-cycle by preventing unintentional and unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction;
Be in charge of ensuring that users who access Ferrero’s systems are appropriately identified, authenticated and authorized;
Provide overall direction for guaranteeing a secure access to Ferrero’s resources in compliance with Group policies, privacy and legal requirements.
Main Responsibilities :
Main Tasks :
Design, build, implement, and maintain an information protection framewor;
Define objectives to enhance information protection and plan strategies for maintaining the confidentiality and integrity of information;
Define objectives, strategy and future models of Cybersecurity identity and access management processes;
Identify in consultation with other departments protective measures and rules necessary to safeguard corporate information during its life cycle;
Select and implement Cybersecurity technologies for the classification and protection of corporate information, to identify misuse, leakage and unauthorized access to corporate information;
Design, build, implement and maintain an identity and access governance framework;
Harmonize identity and access management solutions in alignment with Group policies and legal requirements;
Identify and manage necessary adjustments to keep identity and access management methodologies and processes up to date while enhancing efficiency and effectiveness of implemented cybersecurity technologies;
Support training and awareness material production as well as training delivery to end users in order to reinforce the understanding of managing appropriately the criticality level of corporate information and know-how;
Define communication contents to spread information classification and protect best practices across organization;
Coordinate incident management activities related to the response to Cybersecurity incidents involving Ferrero information;
Advisory activity for Privacy and GDPR technology landscape;
Support the definition and management of the budget related to information protection.
Who we are looking for :
Master Degree in Information Technology or other related fields;
5+ years of experience in a similar position or in Cybersecurity consultancy and cybersecurity system integrators;
Experiences in Manufacturing and / or Food & Beverage Environment are considered a plus;
Outstanding analytical and conceptual skills;
Team and collaboration orientation;
Problem solving and performance driven;
Effective written / verbal communication skills;
Knowledge of Cybersecurity techniques and solutions to classify, protect and monitor information;
Good knowledge of the major tools used for Information Protection :
Discovery & classification (e.g. Microsoft Varonis, Microsoft Azure AIP, Titus);
Data Loss Prevention (e.g. Symantec, Forcepoint, Mcafee);
Right Management System (e.g. Microsoft RMS, Boole Server, Oracle IRM);
Data Encryption & Hardware Security Module (e.g. Gemalto, Thales);
Knowledge of :
Cybersecurity techniques and solutions for Identity & Access Management / Governance;
Tools used to manage identity of users (e.g. SAP IDM, O365, etc);
IAM / IAG Vendor technologies or skills (e.g SailPoint, RSA / Aveska, ForgeRock, Okta, CyberArk, PingIdentity, etc.);
Good knowledge of Cybersecurity international standards, law and regulations (e.g. ENISA, NIST, GDPR, ISO27000) with particular focus on information protection and on Identity and Access Management;
Sybersecurity incidents response.
Experience in :
Implementing and managing information classification and protection projects, in responding to Cybersecurity incidents with an impact on corporate information;
Setting-up and maintaining an identity and access governance framework and coordinate relative activities;
Designing and delivering solutions to manage digital identity and related credentials and authentication methods;
Enthusiasm and commitment to excellence with a result-oriented approach;
A fast learner who rapidly moves up the learning curve and wants to continue to take over new responsibilities;
Ethical and strong personal values.
IT Skills & Others :
Proficiency in MS Office skills Advanced in Excel.
Professional Certifications such as ISC2 CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), ISO / IEC 27001 : 2013 (Auditor / Lead Auditor),GCCC : GIAC (Critical Controls Certification), ITIL Certified Professional, COBIT Certified Professional will be considered a plus.
Fluency in spoken and written English;
Knowledge of any other European language will be appreciated.
How to be successful in the role and at Ferrero :
Consumers, quality and care are at the heart of everything we do. So, to be successful at Ferrero, you’ll need to be just as consumer and product centric as we are - dedicated to crafting brilliant results for consumers around the world.