Richemont
Bellevue, GE, CH
Permanent
Richemont owns some of the world’s leading luxury goods Maisons, with particular strengths injewellery,watches, fashion and accessories. Each Maison represents a proud tradition of style, quality and craftsmanship and Richemont seeks to preserve the heritage and identity of each of its Maisons. At the same time, we are committed to innovation and designing new products which are in keeping with our Maisons’ values, through a process of continuous creativity.
CONTEXT
The Senior Manager, Group Cyber Incident Response (IR) is a critical leadership role within the Group CSIRT, reporting to the Head of Group Cyber Fusion Operations Center. This position is accountable for designing, executing and continuously maturing a unified, end-to-end incident response capability across all regions (APAC, EMEA and Americas). You will lead the Regional Cyber IR Managers in APAC, Europe and US, ensuring consistency of people, processes and tools; serve as the ultimate escalation point for major incidents; and deliver enterprise-wide visibility into cyber threat posture, response performance and control effectiveness.
HOW WILL YOU MAKE AN IMPACT?
Partner with the Head of Group Cyber Fusion Operations Center, Group CISO and CSO office to define and maintain a coherent, scalable incident response strategy and governance framework that aligns with the broader Security and Risk strategies
Establish global policies, standards, and playbooks; ensure regional adaptation while preserving consistency in methodology, tooling, and metrics
Directly manage three Regional Cyber IR Managers, setting objectives, conducting performance reviews, and fostering a culture of continuous learning and excellence
Drive talent development programs (mentoring, certification roadmaps, cross-regional rotations) to build bench strength and reduce single-points of dependency
Serve as the global escalation point for high-impact or cross-region incidents; coordinate executive-level communications and decisions
When needed act as Incident Commander ensuring coordination of filed activities, external stakeholders and executive reporting
Oversee post-incident reviews (PIRs) across regions, ensuring lessons learned drive actionable improvements in detection, containment, and recovery
Forward crisis management to C-Level
Operational Excellence & Continuous Improvement
Define enterprise-wide KPIs (e.g., Mean Time to Detect, Mean Time to Respond, playbook adherence) and dashboard reporting to provide the Head of CSIRT with real-time insights into IR effectiveness Lead quarterly IR maturity assessments, leveraging industry frameworks (e.g., NIST, SANS) to benchmark and prioritize investments in people, process, and technology
Playbook & Toolchain Management
Standardize and version-control incident response playbooks, ensuring they address emerging threat scenarios (e.g., supply-chain attacks, cloud compromises, ransomware) Evaluate and pilot advanced IR tooling (EDR/XDR, SOAR orchestration, threat intelligence platforms) to automate repetitive tasks and elevate analyst productivity
Stakeholder Engagement & Communication
Liaise with Global Security Operations, IT, Legal, Compliance, and Business Continuity teams to integrate incident response into enterprise risk management Present quarterly IR program reviews to the Security Leadership Team and provide executive summaries for the Audit & Risk Committee
HOW WILL YOU EXPERIENCE SUCCESS WITH US? Leadership & Communication
Exceptional people-management skills: Demonstrate ability to lead by example, inspire, coach, and hold accountable a geographically dispersed leadership team Active Listening: Prioritize attentive, non-judgmental listening to ensure all voices are heard and valued Executive-caliber communication: adept at translating technical findings into risk-based business recommendations Experience engaging with Boards, Audit Committees, and regulators on incident response posture, metrics, and compliance
Experience & Certifications
8+ years in Cyber Security, with at least 3 years managing multiple IR teams or managers in a global/multinational setting Proven track record coordinating large-scale, complex cyber investigations and cross-border incident escalations Industry certifications such as CISSP, GCIH, GCFA, GCIA or equivalent; advanced credentials (e.g., OSCE, GREM) highly desirable
Technical & Analytical skills
Deep understanding of modern threat landscapes, including advanced persistent threats (APTs), ransomware ecosystems, and cloud-native attacks Proficiency with SIEM, EDR/XDR, SOAR platforms, threat intelligence sources, and log analytics Strong data-driven mindset; able to derive insights from incident metrics, logs, and telemetry to guide strategic decisions
Personal attributes
Collaborative mindset with a bias for action under pressure High integrity, resilience, and commitment to driving a security-first culture Fluent in English; additional languages (e.g., French) are a strong asset
WHAT MAKES OUR GROUP DIFFERENT?
If the following job requirements and experience match your skills, please ensure you apply promptly. Our true power does not lie in our similarities but in the rich diversity of our arts, cultures, and human skills, as well as our specific ability to foster untapped potential. - We value freedom, collegiality, loyalty, and solidarity. - We foster empathy, curiosity, courage, humility, and integrity. - We care for the world we live in. YOUR JOURNEY WITH US 1. If your application is selected, our Talent Acquisition Partner will reach out to you shortly for an introductory call. 2. As a next step, you will have interviews with the Head of Group Cyber Fusion Operations Center, and any relevant internal stakeholder. Also, you will have a final interview with our HR Business Partner.
#J-18808-Ljbffr
Define enterprise-wide KPIs (e.g., Mean Time to Detect, Mean Time to Respond, playbook adherence) and dashboard reporting to provide the Head of CSIRT with real-time insights into IR effectiveness Lead quarterly IR maturity assessments, leveraging industry frameworks (e.g., NIST, SANS) to benchmark and prioritize investments in people, process, and technology
Playbook & Toolchain Management
Standardize and version-control incident response playbooks, ensuring they address emerging threat scenarios (e.g., supply-chain attacks, cloud compromises, ransomware) Evaluate and pilot advanced IR tooling (EDR/XDR, SOAR orchestration, threat intelligence platforms) to automate repetitive tasks and elevate analyst productivity
Stakeholder Engagement & Communication
Liaise with Global Security Operations, IT, Legal, Compliance, and Business Continuity teams to integrate incident response into enterprise risk management Present quarterly IR program reviews to the Security Leadership Team and provide executive summaries for the Audit & Risk Committee
HOW WILL YOU EXPERIENCE SUCCESS WITH US? Leadership & Communication
Exceptional people-management skills: Demonstrate ability to lead by example, inspire, coach, and hold accountable a geographically dispersed leadership team Active Listening: Prioritize attentive, non-judgmental listening to ensure all voices are heard and valued Executive-caliber communication: adept at translating technical findings into risk-based business recommendations Experience engaging with Boards, Audit Committees, and regulators on incident response posture, metrics, and compliance
Experience & Certifications
8+ years in Cyber Security, with at least 3 years managing multiple IR teams or managers in a global/multinational setting Proven track record coordinating large-scale, complex cyber investigations and cross-border incident escalations Industry certifications such as CISSP, GCIH, GCFA, GCIA or equivalent; advanced credentials (e.g., OSCE, GREM) highly desirable
Technical & Analytical skills
Deep understanding of modern threat landscapes, including advanced persistent threats (APTs), ransomware ecosystems, and cloud-native attacks Proficiency with SIEM, EDR/XDR, SOAR platforms, threat intelligence sources, and log analytics Strong data-driven mindset; able to derive insights from incident metrics, logs, and telemetry to guide strategic decisions
Personal attributes
Collaborative mindset with a bias for action under pressure High integrity, resilience, and commitment to driving a security-first culture Fluent in English; additional languages (e.g., French) are a strong asset
WHAT MAKES OUR GROUP DIFFERENT?
If the following job requirements and experience match your skills, please ensure you apply promptly. Our true power does not lie in our similarities but in the rich diversity of our arts, cultures, and human skills, as well as our specific ability to foster untapped potential. - We value freedom, collegiality, loyalty, and solidarity. - We foster empathy, curiosity, courage, humility, and integrity. - We care for the world we live in. YOUR JOURNEY WITH US 1. If your application is selected, our Talent Acquisition Partner will reach out to you shortly for an introductory call. 2. As a next step, you will have interviews with the Head of Group Cyber Fusion Operations Center, and any relevant internal stakeholder. Also, you will have a final interview with our HR Business Partner.
#J-18808-Ljbffr