Apply now »

Global IT Senior Specialist Cyber Security Incident Response

Date:  Oct 6, 2024
Location: 

Sesto San Giovanni, Milan, IT

Additional Location: 
Function:  IT
Seniority Level:  Mid-Senior level
Employment type:  Permanent
Workplace Type:  Hybrid
Company:  Davide Campari Milano N.V.

Campari Group today is a major player in the global branded spirits industry, with a portfolio of over 50 premium and super premium brands, marketed and distributed in over 190 markets around the world, with leading positions in Europe and the Americas.

 

Headquartered in Milan, Italy, Campari Group owns 22 plants worldwide and has its own distribution network in 22 countries, and employs approximately 4,000 people.

 

Shares of the parent company Davide Campari - Milano N.V. are listed on the Italian Stock Exchange since 2001. Campari Group is today the sixth-largest player worldwide in the premium spirits industry.

General Description of the Role and related Objectives


The Global IT Senior Specialist Cyber Security Incident Response is crucial in Campari Group's cybersecurity operations. Reporting to the Global Security Operations Manager, this role operates within a diverse, multi-vendor environment. The specialist works closely with various departments, such as the Security Operations Center and the Global Cyber Security Department. A significant aspect of their role is centered around the Security Incident Response process, the related playbooks and automation/orchestration, especially for the first 100 days.

 

Key Responsibilities and Activities

 

  • Security Incident Response Process:
    • Management of playbooks with a strong focus on corporate areas (Internal/External Communication, Legal & Compliance, HR, IT Operations, and other IT Centers of Excellence).
    • Development of new playbooks from scratch based on new events and emerging threats.
    • Mapping of playbooks on ServiceNow.
    • Incident simulations with all technical teams and participation in TableTop exercises.
  • Security Operation Management:
    • Take ownership of the events in partnership with the SOC for efficient incident responses.
    • Participate in post-incident reviews, using feedback to refine response protocols, playbooks, SOPs, and the knowledge base aiming to improve security metrics such as the MTT*s.
    • Drive the adoption of automation/orchestration in incident resolution.
    • Work with the SOC for accurate and timely evidence collection and forensic analysis in the event of data breach security incidents to determine the root cause and its impact.
    • Manage security alerts with the SOC and oversee SIEM rules specific to Campari.
  • Threat Hunting and Intelligence:
    • Cooperate with the SOC to conduct threat hunting and Attack Simulation and Path Visualization using proper tools and collaborate with red/blue teams for attack simulations and resilience testing.
    • Undertake regular vulnerability assessments.
    • Work with Threat Intelligence providers to stay updated on new threats.

 

Key Relationships

 

Internal: Global Cyber Security Managers; Global Service Delivery Tower Leads; Regional Service Managers; COE team.

External:  Technology and service providers.

 

Experience & Education

  • Minimum 3 years of proven experience in Cyber Security in a multinational company with an IT outsourcing model or in an IT Consultancy firm focused on security services.
  • Fluent Italian and English, any other European language is an advantage;
  • Degree in cyber security, computer science, engineering or equivalent is preferred;
  • Proven experience in incident handling, playbook/runbook handling and forensic evidence collection.
  • Experience with cloud services and cloud SIEMs
  • Excellent communication skills, versatility, flexibility and ability to work under pressure;
  • Certifications (highly valued):
    • Certified Information Systems Security Professional (CISSP)
    • Cisco Certified CyberOps Associate
    • GIAC Incident Handler (GCIH)
    • Offensive Security Certified Professional (OSCP)
    • EC-Council’s Certified Incident Handler (E|CIH)
    • Incident Handling & Response Professional (IHRP)
    • Certified Computer Security Incident Handler (CSIH)

 

Required Skills & Traits

  • Skilled in security incident response process and playbooks.
  • Able to cooperate with various teams and vendors.
  • Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
  • Ability to work under pressure.
  • Cultural awareness and excellent team working skills.
  • Strong problem-solving and troubleshooting skills

 

Additional Requirements

 

Availability to travel internationally for short periods.

 

 

Our commitment to Diversity & Inclusion:

At Campari Group we believe in building more value together, thus we see diversity in all forms as a source of enrichment. Our employment policies and practices ensure that we are committed to providing equal employment opportunities in all aspects of employment without regard to any individual’s race, religion, creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, sexual orientation, gender identity or characteristics or expression, political affiliation or activity, age, veteran status, citizenship, or any other characteristic protected by law.

 

Note to applicants:

Your application will be assessed based on your abilities, expertise, general knowledge and experience, not because of any confidential, proprietary or trade secret information you may possess. You must not disclose to Campari Group any such information. In the event that you are asked a question that cannot be answered without disclosure of any confidential, proprietary or trade secret information (including from a current or prior employer or their vendors or customers), you must decline to answer the question.

 

Notice to third party agencies:

Please refrain from cold-calling or emailing our executive leadership team or the HR community directly. The Talent Acquisition department manages centralized recruiting operations globally, including the selection and management of external suppliers. Currently, our preferred supplier list is at full capacity. To ensure we have your information on file for future consideration, we kindly request that you complete the online form provided here.

Apply now »