Job description:
Contract: Permanent/Full time
If you've worn a pair of glasses, we've already met.
We are a global leader in the design, manufacture, and distribution of ophthalmic lenses, frames, and sunglasses. We offer our industry stakeholders in over 150 countries access to a global platform of high-quality vision care products (such as the Essilor brand, with Varilux, Crizal, Eyezen, Stellest and Transitions), iconic brands that consumers love (such as Ray-Ban, Oakley, Persol, Oliver Peoples, Vogue Eyewear and Costa), as well as a network that offers consumers high-quality vision care and best-in-class shopping experiences (such as Sunglass Hut, LensCrafters, Salmoiraghi & Viganò and the GrandVision network), and leading e-commerce platforms.
Join our global community of over 190,000 dedicated employees around the world in driving the transformation of the eyewear and eyecare industry.
Discover more by following us on LinkedIn!
Your #FutureInSight with EssilorLuxottica
Are you willing to pioneer new frontiers, foster inclusivity and collaboration, embrace agility, ignite passion, and make a positive impact on the world? Join us in redefining the boundaries of what's possible.
Your role
You will be responsible for the management and coordination of activities within the Company's Information Security Master Plan related to Identity Lifecycle management and SoD projects and initiatives. As an Information Security Governance specialist, you will work across multiple teams, interacting with both IT and Business stakeholders, to facilitate, coordinate, advise on, monitor and enable the implementation of the Information Security policies. This role will support the execution of strategic and cross-functional initiatives across the Governance domain, with a focus on awareness, training programs, project coordination, process and procedure risk management, and security compliance.
Main responsibilities:
* Information Security Planning - Plan and estimate budget and time schedule for activities to be included into Information Security Master Plan.
* Oversight on maintenance and implementation of Information Security policies / procedures - Ensure the oversight of the implementation of the activities, identifying and reporting issues, risks and opportunities to the CISO / relevant stakeholders.
* Design and deliver awareness campaigns, workshops, and training initiatives tailored to different audiences.
* Support the selection and evaluation of training content and platforms, in collaboration with HR, Communication and other providers.
* Contribute to the definition and review of Identity Lifecycle models and controls and Segregation of Duties (SoD) in collaboration with Business owners, IT, HR, Risk Management, Privacy and Compliance, Internal Control and Internal Audit.
* Lead and coordinate the Identity Lifecycle and SoD projects for non-finance areas (i.e. SAP modules MM and SD), ensuring the extension of Identity Management governance to all business applications and data repositories.
* Collaborate with HR Business Partners (HRBP), Business Process Owners (BPO), and IT to define, implement, and maintain a centralized Role-Based Access Control (RBAC) library.
* Map, monitor, and evaluate application profiles (especially administrative roles) for non-finance departments, identifying anomalies and enforcing segregation of duties.
* Supervise and execute risk assessments for access requests outside the standard RBAC library, defining exception workflows and compensating controls.
* Validate new access or function requests against the approved role library and assess risks for exceptions or non-standard assignments.
* Define and enforce control processes for access provisioning, exception handling, and periodic reviews, including onboarding, role/function changes, and offboarding.
* Collaborate on the design and implementation of automated processes for onboarding, role changes, and offboarding, ensuring integration with HRIS and target systems.
* Support the periodic review and maintenance of the RBAC role library, working closely with HRBP and BPOs to refine roles and ensure SoD is maintained.
* Participate in incident investigations related to identity and access management, analyzing root causes and recommending improvements to lifecycle and SoD controls.
* Promote awareness and training on SoD principles and identity governance among business stakeholders, HR, and IT.
* Act as a governance and control point within the Identity Lifecycle Management process, ensuring that access delegation requests are appropriate, risk-assessed, and aligned with the RBAC model and SoD process.
* Contribute to the definition and review of SoD models and controls in collaboration with IT, Internal Control, HR, Risk Management and Internal Audit.
* Define and maintain a comprehensive KPI framework for RBAC lifecycle governance, including the design of automated dashboards and anomaly-detection metrics, the setup of threshold-based alerts and escalation workflows, and the regular reporting of access-governance performance and identified risks to the appropriate security and risk committees.
Main requirements:
* Bachelor's degree in Information Security, Information Technology, Computer Science, Engineering, Statistics or similar
* At least 2 years of experience gained in the ICT Risk Management or Security area, with particular focus on Identity Management and Segregation of Duties
* Knowledge of SAP Basis especially on User Profile & Security Management
* Knowledge of SAP GRC tool for risk analysis
* Knowledge of relevant business processes (i.e. Make-to-Deliver, Procure to Pay, Hire to Retire)
* Knowledge of international standards and best practices in the domain of Information Security, Data Protection and Business Continuity (e.g. GDPR, ISO 27001, NIST 800-53, NIS2 etc.)
* Knowledge of relevant Information Security / Data Protection laws and regulations (e.g. Privacy, Health sensitive information, PCI DSS)
* Understanding of regulatory requirements for AI systems (ISO/IEC 42001:2023)
* Good project management skills, teamwork and individual accountability
* Adequate fundamental data analytics skills
* Proven ability to communicate to all levels in a technical and non-technical manner
* Knowledge about most common IT Security solutions.
* Excellent oral and written English language skills
Optional requirements:
* Professional information security certifications (such as CISM, ISO 27001 Lead Auditor, CISSP, CISA)
What's in it for you
In EssilorLuxottica, you are not defined just by your job title. Each career adventure is unique; have a glimpse of some of the benefits you will enjoy as a successful candidate:
* Access to our cutting-edge learning platform, Leonardo, and personalized development programs to help you grow professionally and personally.
* Enjoy flexible work conditions, health insurance coverage, ticket restaurants, internal rooftop canteen.
* Access special offers for employees on a vast range of eyewear, eye care products, and fashion apparel, so you can enjoy our world-class brands firsthand.
* Enjoy our "Disconnect Program", a holistic approach to work-life balance, including initiatives for mental health, yoga, jogging sessions, and more, designed to help you recharge and stay healthy.
Recruiting process
Our recruitment process may vary. If you are selected, you will be contacted by our recruiters to guide you through the specific steps for your application.
Salary Package:
* Annual Gross Salary: 35.500 Eur - 53.000 Eur
* Comprehensive Benefits Package:
* Supplementary Health insurance coverage
* Supplementary Pension Plan
* Access to the EssilorLuxottica Corporate Welfare Catalog
* Transportation - Discounted pass
* Meal Vouchers as per company guidelines
* Exclusive employee discounts on company products
* Company-provided laptop and mobile phone
Our Diversity, Equity and Inclusion commitment
We are committed to creating an inclusive environment for all employees. We celebrate diversity and provide equal opportunities to all, regardless of race, gender, ethnicity, religion, disability, sexual orientation, or any other characteristic that makes us unique.
| Source: | Company website |
| Published: | 24 Jun 2026 |
| Offer type: | Employment |
| Sector: | Health |
| Compensation: | 53000 EUR |
| Languages: | English |