Global IT Cyber Security Incident Response Lead
Sesto San Giovanni, Milan, IT
Want to be a crowd-stopper rather than a crowd-pleaser? Become a Camparista
At this point, you may not know exactly what it takes to be a Camparista, but you have the makings to be one of us. We’re the independent minded and passionate achievers in the spirits industry, innovating the iconic.
Be Part of Our Signature Mix
Role Context and Mission
The Global IT Cyber Security Incident Response Lead plays a vital role in Campari's cyber security and OT cyber security operations. This role reports to the Global Security Operations Manager and operates in a diverse, multi-vendor environment. The analyst collaborates with different functions and platform teams, as well as Campari’s strategic security vendor, managing the Security Operations Center (SOC). A major part of this role is focused on automation, ensuring incidents are handled quickly and effectively, and on creating standards, processes and the related KPIs and reporting dashboards.
- Security Incident Management:
· Collaborate with the SOC for efficient incident responses.
· Contribute to the development, execution, and review of attack simulations involving IT and business stakeholders.
· Participate in post-incident reviews, using feedback to refine response protocols, playbooks, SOPs, and the knowledge base. Aim to improve security metrics such as MTTD, MTTA, and MTTI.
· Drive automation/orchestration in incident resolution.
· Work with the SOC for accurate and timely evidence collection and forensic analysis in the event of data breach security incidents to determine the root cause and its impact.
· Develop and update the playbook/runbook systems and the correlating rules.
- Security Alert Management:
· Manage security alerts with the SOC.
· Oversee SIEM rules specific to Campari.
- Security Infrastructure Management & Collaboration:
· Assist in maintaining security tools.
· Handle systems like XDR and EDR in collaboration with the SOC provider.
· Participate in assessments and simulations to identify threats.
- Threat Hunting and Intelligence:
· Cooperate with the SOC to conduct threat hunting, attack simulation and path visualization using proper tools, and collaborate with red/blue teams for attack simulations and resilience testing.
· Undertake regular vulnerability assessments.
· Work with Threat Intelligence providers to stay updated on new threats.
- Strategic Business & Cybersecurity Support:
· Support business strategies focused on OT observability.
· Offer insights during merger and acquisition processes.
· Collaborate with cybersecurity architecture and risk management teams.
· Ensure alignment with regulations and industry standards.
Who You Are
- Minimum 5 years of proven experience in Cyber Security in a multinational company with an IT outsourcing model or in an IT Consultancy firm focused on technology services. Past experience in the FMCG/Industrial field is a plus.
- Fluent Italian and English, any other European language is an advantage;
- Degree in cyber security, computer science, engineering or equivalent is preferred;
- Proven experience in incident handling, playbook/runbook handling and forensic evidence collection.
- Experience with OT/IOT.
- Experience with cloud services and cloud SIEMs
- Experience with WAF, web proxy, firewalls, intrusion prevention/detection systems, mail content scanning appliances, EDR/XDR, and domain name servers desired;
- Experience in System Administration and Network;
- Excellent communication skills, versatility, flexibility and ability to work under pressure;
- Skilled in security incident response.
- Able to cooperate with various teams and vendors.
- Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
- Ability to work under pressure.
- Cultural awareness and excellent team working skills.
- Strong problem-solving and troubleshooting skills
Certifications (Nice To Have)
· Certified Information Systems Security Professional (CISSP)
· Cisco Certified CyberOps Associate
· GIAC Incident Handler (GCIH)
· Offensive Security Certified Professional (OSCP)
· EC-Council’s Certified Incident Handler (E|CIH)
· Incident Handling & Response Professional (IHRP)
· Certified Computer Security Incident Handler (CSIH)
Availability to travel internationally for short periods.
Our commitment to Diversity & Inclusion:
At Campari Group we believe in building more value together, thus we see diversity in all forms as a source of enrichment. Our employment policies and practices ensure that we are committed to providing equal employment opportunities in all aspects of employment without regard to any individual’s race, religion, creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, sexual orientation, gender identity or characteristics or expression, political affiliation or activity, age, veteran status, citizenship, or any other characteristic protected by law.
Note to applicants:
Your application will be assessed based on your abilities, expertise, general knowledge and experience, not because of any confidential, proprietary or trade secret information you may possess. You must not disclose to Campari Group any such information. In the event that you are asked a question that cannot be answered without disclosure of any confidential, proprietary or trade secret information (including from a current or prior employer or their vendors or customers), you must decline to answer the question.
Notice to third party agencies:
Please refrain from cold-calling or emailing our executive leadership team or the HR community directly. The Talent Acquisition department manages centralized recruiting operations globally, including the selection and management of external suppliers. Currently, our preferred supplier list is at full capacity. To ensure we have your information on file for future consideration, we kindly request that you complete the online form provided here.
Perks/benefits: Career development