Job Information
EssilorLuxottica Information Security Incident Expert in Milano, Italy
Information Security Incident Expert
Date: Apr 16, 2024
Brand: Corporate
Location:
Milano, IT
WHO WE ARE
We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. The Company brings together the complementary expertise of two industry pioneers, one in advanced lens technologies and the other in the craftsmanship of iconic eyewear, to create a vertically integrated business that is uniquely positioned to address the world’s evolving vision needs and the global demand of a growing eyewear industry.
With over 180,000 dedicated employees in 150 countries driving our iconic brands, our people are creative, entrepreneurial and celebrated for their unique perspectives and individuality. Committed to vision, we enable people to “see more and be more” thanks to our innovative designs and lens technologies, exceptional quality and cutting-edge processing methods. Every day we impact the lives of millions by changing the way people see the world.
JOB SCOPE AND MAIN RESPONSIBILITIES:
In this role you will join the Company’s Detection & Response Team, and you will be responsible for monitoring, classify, escalating, and respond to Information Security threat/incidents, in tight coordination with both MSSP and all relevant internal stakeholders. You will also focus on improving MSSP service as well as build reports on information security incidents.
AREAS OF RESPONSIBILITIES AND RELATED ACTIVITIES:
Incident investigation - Investigate alerts raised by Company’s SOC/other sources to evaluate potential threat against Company’s assets.
Incidents Escalation - Escalate security incidents to internal stakeholders.
Incident Reporting - Write up security incident reports detailing the attack, its characteristics, and possible remediation activities.
Management of MSSP - Manage the MSSP to ensure continuous improvements of correlation rules as well as integration of relevant log sources.
Periodic review of Incidents - Routinely review security incidents for adherence to the established procedures and guidelines.
Identify opportunities for Information Security Incident process improvement.
NETWORK OF INTERACTION:
INTERNAL: You will join Information Security Team and you will be asking to interact with both IT and Business stakeholders within the Company across its geographies (e.g. EMEA, US, LATAM, China, Australia, etc.).
EXTERNAL: You will be asking to interact with Suppliers as well as Business Partners.
TECHNICAL SKILLS – PORTRAIT OF A PERFECT CANDIDATE:
Bachelor’s degree in Information Security, Information Technology, Computer Science, Engineering, or similar strongly desired.
Professional information security certifications (such as CEH, ECIHv2, OSCP, CISA, CISSP, CISM) strongly desired.
Knowledge of cyber-attacks and techniques, threat vectors, vulnerabilities, incident response, malware analysis, reverse engineering.
Experience in security logging and most common SIEM solutions (e.g. Splunk).
Up-to-Date of current vulnerabilities, attacks techniques and countermeasures.
Proficient in preparation of Information Security Incident reports, dashboards and documentation.
Knowledge about most common IT Security solutions.
Knowledge of core IT Processes (operations, software development, etc.).
Articulate security issues, both verbally and written.
English Fluent
Job Segment: Business Process, Ophthalmic, Management, Healthcare