Group Director, Cyber Security Response & Resilience
At Chanel, we are focused on creating an inclusive culture that nurtures personal growth, contributing to collective progress. We believe the uniqueness of each individual increases the diversity, complementarity, and effectiveness of our teams. We strongly encourage your application, as we value the perspective, experience, and potential you could bring to CHANEL.
About the Role:
CHANEL is looking for a Group Director, Cyber Security Response & Resilience to join our US InfoSec Team in New York City. You will play a leading role, reporting directly to the Head of Information Security. The ideal candidate is responsible for developing, implementing, enhancing, and overseeing information security operations, response, and resiliency within Chanel USA’s environment while enabling the business in a service-oriented Technology department. This role will translate technology and business risk requirements into processes and controls while developing metrics for measuring performance and risk reduction. It will interface and work closely with our corporate and global business partners across all regions and divisions of Chanel. Our ideal candidate will demonstrate a unique blend of leadership, information security domain expertise, strong technical acumen, business judgement, creativity, entrepreneurial spirit, communication skills, and embrace diverse perspectives.
What impact you can create at CHANEL:
- Through a deep understanding of the Chanel environment and technology stack including on-prem, cloud, and hybrid platforms as well as third parties, you will oversee company security event monitoring and incident response solutions and processes.
- Working across tooling and with our global security and infrastructure partners, you will oversee our vulnerability management program breaking down complex systems ensuring appropriate actioning, tracking, and ownership to minimize our risk exposure.
- In coordination with Tech leadership, Legal, and business heads, you will advise on disaster recovery readiness to ensure tech resiliency in business continuity planning.
- As a critical thinker and a doer, you will not just identify continuous monitoring, security operations, and resiliency program gaps but design them, oversee implementation, and influence adoption through dynamic steering.
- You will drive evolution by risk taking as a Tech leader, acting expeditiously in making decisions and recommendations, understanding the factors associated with decision-making in a matrix style organization.
You are energized by:
- Delivering security as a service to a large, complex organization with both online and physical retail presence in a rapidly growing environment with cyber threats that are continuously evolving.
- Developing and elevating security processes for efficiency and easy adoption while delivering high quality scalable solutions that minimize our cyber risk.
- Fostering a message that information security enables the business and its objectives by educating and garnering awareness to a range of audiences, both technical and non-technical, while also actively listening to their needs ensuring alignment with program versus organizational objectives.
- Working in a highly collaborative environment as a courageous leader and developing talent to support the growth of the business.
- Navigating complexity and monitoring risk on the regional and global level in close partnership with the wider Information Security team driving consistent transformation and change.
What you will bring to the team:
- Extensive Experience: Minimum of 10 years in technology, 8 years in hands-on information security roles, with demonstrated progression in responsibility and oversight. At least 3 years should be in a leadership capacity, managing teams effectively.
- SOC and Incident Management: Proven experience in leading a Security Operations Center (SOC) or managing an incident and crisis response team, with a track record of driving improvements in these areas.
- Vulnerability Management: Expertise in vulnerability management, including the use of scanning tools and performing in-depth analysis to identify and mitigate risks.
- Cloud Security Monitoring: In-depth knowledge of cloud security and cloud-native environments, including experience with major cloud platforms such as Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS).
- Vendor and Tool Management: Experience in overseeing and engaging with security service providers, as well as implementing and optimizing security tools.
- Standards and Frameworks: Proven experience in implementing and managing security programs based on industry standards and frameworks such as ISO 27001, NIST 800-53, and CIS benchmarks.
- Regulatory Knowledge: Familiarity with regulatory requirements such as PCI DSS 3.2.1 and CCPA/CPRA is preferred.
- Communication Skills: Exceptional presentation skills with the ability to articulate complex security concepts to senior leadership and business stakeholders, driving informed decision-making.
- Passion and Industry Fit: Strong enthusiasm for information security and a keen interest in contributing to the luxury retail sector, demonstrating an understanding of its unique challenges and opportunities.
Position Logistics:
- Partially Remote: Role requires a minimum of 3 days in-person office presence in the New York and/or Piscataway, New Jersey office.
- Bachelor’s degree in Computer Science, Information Technology, or a related field. Relevant security certifications (e.g., CISSP, OSCP, CISM, CISA, CEH) are highly desirable.
Compensation:
- The anticipated base salary range for this position is $133,900 - $190,000. Base salary is one component of the total compensation for this position. Other forms of variable pay may/will be offered for this position. Other components may/will include bonus potential, benefits, and/or perks.
Benefits and Perks:
- Wellbeing resources include dedicated paid time off for wellbeing (2-week August Office Closure) and a Wellbeing fund.
- Family and caregiving benefits (inclusive of parental leave, fertility support, MilkStork, and Care.com Membership).
- Generous paid time off policies to include vacation, holiday, sick and volunteer days.
- 401K and other incentives.
- Robust healthcare offerings; medical, dental, vision, MDLIVE (virtual care), One Medical, Flexible Spending Accounts (Health Care & Dependent Care), Health Savings Account and Employee Assistance Program.
- Life insurance, Accidental Death & Dismemberment, Short Term Disability, Long Term Disability, Health Advocate, International Business Travel Accident & Medical, and Commuter Transit & Parking.
Additional Information:
Chanel is a private company whose values are grounded in creating the conditions for people to perform at their best and feel fulfilled and confident in their work. We offer a unique work environment where individuals are encouraged to better understand the brand, the business, and motivations, so that together we can unlock the possibilities of growth.
Diversity and Inclusion:
- At CHANEL, we are intentional in promoting Diversity & Inclusion. We foster respect, empathy and dignity for all. We believe strongly that the diversity of our people across the full spectrum of human differences is essential to our organisation and the connections we have with each other and our clients.
- We offer Employee Resource Groups in the US that are voluntary, open to all, employee-led groups formed around a shared identity or lived experience, whose aim is to foster a diverse, inclusive, and equitable community aligned with the values and missions of the communities they support.
Career and Leadership Development:
- We have dedicated in-house teams focused on supporting the onboarding of employees, developing leadership skills via custom programs like Imagine Chanel People, Heart of Leadership and group and individual coaching, and blended online and live classes offered on our Bloom platform and by skilled trainers, such as Shape Your Career, to develop career building skills.
#J-18808-Ljbffr