Apply on Employer Site

LVMH · 22 hours ago

Cybersecurity Manager

NYC Metro Area

Full-time

Onsite

Senior Level

$120K/yr - $160K/yr

5+ years exp

LVMH is a leading luxury goods company, and they are seeking a Cybersecurity Manager to oversee cybersecurity and cyber defense functions across the Fashion Group. The role involves ensuring compliance with security standards, conducting audits, and leading incident response efforts.

CosmeticsFashionJewelryManufacturingWine And Spirits

Hiring Manager

Sofia Quinonez

Responsibilities

Monitor and remediate IT asset compliance levels for all devices and servers, ensuring adherence to Group security standards

Conduct comprehensive end-to-end security audits with by the Group or appointed third parties to verify compliance with security policies and procedures and applicable regulations

Ensure compliance with data regulatory or industry standards such CCPA/CPRA or PCI/DSS in existing and evolving processes and systems

Ensure that all infrastructure, including that in warehouses, stores, call centers, offices, and third-party vendor facilities, is securely configured and compliant with Group security standards

Proactively review alerts generated from security scans of regional infrastructure and spearhead the development and execution of timely action plans, collaborating closely with infrastructure and application teams

Collaborate with the cloud infrastructure team and vendors to ensure that required patching levels are consistently met across all servers

Lead Group security assessments and, when necessary, conduct risk assessments for new projects and third-party vendors, ensuring 'security by design' in technology changes

Define and propose a strategic long-term plan to continuously evolve security design, processes, and technologies, ensuring the organization remains prepared in the face of evolving cyber threats and regulatory requirements

Collaborate with key security vendors to thoroughly investigate potential security incidents and emerging threats

Take immediate action to remediate identified threats or exploits, working in close partnership with regional, divisional, and Maison IT infrastructure, application, and service owners

Partner with the Regional CISO and the crisis management team in the event of a major security incident, ensuring a swift and effective response

Develop and deliver clear and concise communications and, where needed, provide training to the regional employee population on the latest cybersecurity guidelines and best practices

Maintain regular communication with retail and call center teams to stay informed about emerging threats and proactively disseminate warnings about known vulnerabilities

Collaborate with other IT leaders to effectively remediate security alerts and threats, while also educating IT teams on proactive cybersecurity practices and processes

Partner with business executive teams to champion cybersecurity awareness and promote the adoption of best practices throughout their respective Maisons

Provide comprehensive weekly and monthly reports to the CIO, CISOs, and Security Operations teams, detailing cybersecurity preparedness and the status of security alert and threat remediation efforts

Qualification

Cybersecurity managementPCI DSS complianceCloud securityIncident responseSecurity frameworksAuthentication protocolsNetwork administrationTraining skillsRetail experienceSecurity certificationsCommunication skillsLeadership skills

Required

5-10 years of progressive experience in a cybersecurity role

Expertise in payment processing and PCI DSS compliance

In-depth knowledge of cloud security principles and technologies (e.g., Wiz, Wallix, MS Azure, GCP)

Strong understanding of authentication protocols and technologies (e.g., OKTA, Active Directory)

Proficiency in Windows Server and Desktop operating systems

Hands-on experience with security solutions, including Log Analysis (e.g., Splunk), Antivirus (e.g., Sentinel One, Tanium), Intrusion Prevention Systems (IPS), Identity Access Management, Data Loss Prevention (DLP), Multi-Factor Authentication (MFA), and Single Sign-On (SSO)

Solid understanding of network administration principles and technologies (e.g., Palo Alto Firewalls, DNS, Routing Protocols, TCP/IP, VLANs, and VPNs)

Working knowledge of security frameworks such as PCI DSS, ISO 27000, COBIT, and NIST