Position Cyber Security Defense Expert is an IT professional who will support and assist the CISO in the design, implementation and maintenance of the company's security and compliance plan, ensuring alignment with group standards, practices, and principles across all regions. Job Responsibilities Support the Loro Piana IT Team & CISO in all activities related to new IT and digital projects. Enhance the 3rd party Security Operation Center and resolve security events and incidents. Lead incident response and manage crises. Coordinate and oversee security test activities (VA and Pen Test) for certification of new architectures and initiatives. Coordinate and oversee remediation programs (e.g., patch management and vulnerability fixes). Ensure communication and coordination with the group. Assist the CISO in coordinating outsourced projects for the implementation or enhancement of cyber security services (SIEM, EDR/AV, DLP, ANTISPAM, BAS, Red Team activities, etc.). Coordinate with the IT team to promote training activities in the Security Development & Vulnerability Management process. Profile General Qualifications Bachelor/Master Degree in Computer Science or Engineering. Fluent in English and Italian (spoken and written). At least 4-5 years of experience in information security. Preferred experience in retail – luxury or industries where intellectual property protection is relevant. Security certifications are a plus (e.g., CompTIA Security+, GIAC GISF, ISO 27001). Ability to constructively and proactively interact with other structures, suppliers, and stakeholders. Flexibility, autonomy, speed; highly assertive with strong goal orientation. Problem solving and strategic vision. Cybersecurity Solutions At least 4-5 years of proven experience as a cyber defense systems administrator, with hands‑on experience in at least four tools: EDR, AV, SIEM, Antispam, Devices Control, ISPM, CSLP, DSPM, DLP, WAF/Bot Manager. Knowledge of communication networks, architectures, infrastructures, and equipment in the Network Security area (Firewall, IPS, Balancer, WAF, VPN, Proxy, NAC, etc.). Detection and Response (SOC/CERT) Proven experience as Incident Handler, encompassing response to issues and alerts, investigation, and remediation. Experience in cyber incident detection leveraging cyber platforms. Understanding of Cyber Threat Intelligence, monitoring threats, 3rd party and potential leaks, domain registrations, and fraudulent websites. Familiarity with Threat Hunting methodologies to proactively search for undetected threats and monitor suspicious scenarios triggered by detection rules. Ability to manage crises according to incident response plans. Vulnerability Management Good knowledge of the end‑to‑end Vulnerability Management process and related industry standards (CVE, CPE, CVSS). Good knowledge of the application development life cycle and secure development methodologies. Operational Compliance Good knowledge of SIEM tools or PowerBI for collecting compliance status and creating operational dashboards enabling continuous monitoring of compliance (security product coverage, log collection, issue handling, etc.). Offensive Audit Plan and execute offensive security activities, including penetration testing, red teaming exercises, and bug bounties, to identify and exploit vulnerabilities proactively. Conduct configuration audits to ensure system robustness against malicious actors. #J-18808-Ljbffr