About OTB Group OTB is an international fashion group comprising the iconic, unconventional brands Diesel, Jil Sander, Maison Margiela, Marni and Viktor&Rolf. It also controls the Staff International and Brave Kid companies and holds a stake in American brand Amiri. OTB – short for "Only The Brave" – believes in the possibility of pushing beyond the frontiers of fashion and style to support the creativity of international talents and express in full the innovative spirit and uncompromising courage of its founder and chairman, Renzo Rosso. With more than 7,000 employees worldwide, the Group is founded on a digital approach centred on the consumer, a concrete long-term commitment to the creation of a sustainable, technologically driven business, and close attention to social issues through the OTB Foundation. OTB Spa is looking for a Cyber Security Manager to join its IT Corporate Department, within the Infrastructure & Operations division, reporting directly to the Infrastructure & Operations Director. The Cyber Security Manager will oversee all Cyber Security related activities within OTB group. Role overview The main responsibilities of the role will be : Coordinate Security Team Members in charge of: Managing and operating the L7 security tools such as EDR, EPP, WAF, IDS / IPS, SWG; Managing, configuring, patching, monitoring and fine-tuning Vulnerability & Application Scanning products; Setting security configuration standards for IT systems (e.g., operating system hardening, cloud security, etc.). Detecting and responding to cyber security threats; Performing security incident evidence gathering, evaluations, remediation, review and analysis; Interacting with External SOC and applying any suggested recommendations / remediation; Supporting the definition, development and monitoring of the OTB Group's cybersecurity strategy, ensuring alignment with risks and business priorities; Supporting all activities necessary to maintain compliance with major industry regulations (NIS2, GDPR, ISO 27001, national and European regulations). Conducting research on new security technologies to identify and establish good security governance; Working with other departments to define, maintain and update Information Systems Security policies, procedures, and practices; Supporting the third-party risk assessment process to rate third parties involved in data processing. Job requirements Degree in Computer Science, Engineering, Telecommunications, or Economics. At least 8 years of experience in Cyber Security. Familiarity with the NIST Cybersecurity Framework and a threat intelligence framework such as MITRE ATT&CK. In-depth knowledge of the main regulatory frameworks and international reference standards (NIS2, GDPR, ISO 27001, national and European guidelines). Professional security management certification, such as CISSP, CISM, SANS GSEC, Certified Ethical Hacker or other similar credentials, is highly desired. In-depth understanding of vulnerabilities management systems and common security applications. Hands-on experience and knowledge of technologies: Firewall, WAF, VPN, IDS / IPS, EDR, EPP, DLP, SWG, CASB, NAC, IAM. Penetration testing, vulnerability scanning, SIEM, SOAR, patch management solution, data leakage solution, DDOS prevention, DNS Security, Cloud Security. Proven experience supporting environments that include Microsoft Windows, UNIX, Macintosh OSX, Linux and mobile operating systems. Good influencing and project management skills. Experience working with multiple stakeholders from different functions and organizational levels. J-18808-Ljbffr