CHIEF INFORMATION SECURITY OFFICER (CISO)

Guess Europe Sagl Bioggio Switzerland Other

Company Description

In 1981, GUESS sold its very first pair of jeans to Bloomingdale's department store. Since then, GUESS has grown, becoming one of today's most recognized and influential apparel brands in the world.

The continued dedication and commitment of our employees is the driving force of GUESS. Our talented professionals focus on leading the company with their vision of success. Join the team at GUESS Europe and bring your vision to life.

GUESS Europe is seeking eager, passionate individuals to uphold our commitment to the spirit of the GUESS family of brands including GUESS, Marciano, GUESS Factory.

Position

PURPOSE OF THE JOB:

The CISO provide the strategic vision of cybersecurity, implementing programs for the protection of information assets, defining processes to limit the risks associated with the adoption of digital technologies, and in providing an “external” view on business processes that impact information security and in maintaining visibility of the Guess's cybersecurity plans for management and institutions.

In its role the CISO will be accountable about plans, milestones, policies and procedures. It will take care to share with all stakeholders involved in the Corporate organization (IT, infrastructure, internal security, legal, compliance, etc.) drafts and development of these to be sure about their feasibility and concreteness within the Company’s reality and then correctly assessed.

CORE JOB RESPONSIBILITIES:

The main target is to standardize, develop, maintain and asses business processes that impact cybersecurity, and provide the guidance in collaboration with the corporate functions involved in order to:

  • Define proper security governance intended to Policies, Procedures and systems by which the organization manages and controls cybersecurity activities
  • Maintain and develop the cybersecurity governance structure
  • Define with the stakeholders and implement a 36-month cybersecurity roadmap, with quarterly milestones
  • Report to management on the status, plans and investments related to the roadmap mentioned above
  • Managing relations with institutions on data and information security issues, providing support in the preparation of meetings, deliverables, etc.

Requirements

  • Education: Bachelor's Degree
  • Experience Level:
    • 8+ Years in working in a complex IT security environment with Public Key Infrastructure, High Security Modules (HSM), Intrusion Prevention System (IPS) and Intrusion Detection System (IDS)security appliances, problem diagnosis and security optimization in a large enterprise.
    • Familiarity with Payment Card Industry Data Security Standard (PCI DSS) and IT General Controls (ITGC).
    • Familiarity with SOX general operating controls.
  • Required Certifications:
    • Bachelor’s Degree in Computer Science, Information Technology, Engineering or a related discipline.
    • Certification in Information Security field is a must.
    • Mandatory: CISSP (Certified Information System Security Professional)
    • Nice to have:
      • CISM (Certification Information Security Management)
      • CRISC (Certification Risk & Information Systems Control)
      • CGEIT (Certification governance of enterprise IT)
      • GPEN: (Certification of the SANS Institute)
      • OSCE (Offensive Security Certified Expert)
      • OSWP (Offensive Security Wireless Professional)
      • CHFI (Certified Hacking Forensic Investigator)
      • CEH (Certified Ethical Hacker)
      • PALOALTO ACE (Accredited Configuration Engineer)
      • CCIE (Cisco Certified Internetwork Expert)
      • CCDE (Cisco Certified Design Expert)
      • CCNA (Cisco Certified Network Associate)
  • Other Knowledge or Skills:
    • Security technology including firewall, intrusion prevention, web filtering, log monitoring, and data loss prevention.
    • Security concepts including network segmentation, demilitarized zones, tiered architecture, and encryption.
    • Work independently without close supervision.
    • Must be a critical thinker with the ability to come up with original and/or creative security ideas.
    • Strong relationship management to work/consult with users.
    • Strong verbal and written communication skills.
    • Strong ability to interpret impact of security choices.
    • Strong work ethic and self-motivated to get the job
    • Sense of ownership and pride in the performance and its impact on company’s success
    • Good knowledge of written and spoken English is mandatory. Any other European language is considered as a plus

Apply

Already registered? Click here

Not registered? Complete the form

Click here (or drag and drop) to Upload a file
doc, docx, txt, rtf, pdf, odt (Max: 2 MB)

Click here (or drag and drop) to Upload a photo
jpg, jpeg, gif, png (Max: 2 MB)

PRIVACY NOTICE- RECRUITMENT


1. About Guess Europe Sagl and This Recruitment Privacy Notice

This privacy notice is intended to inform you, as an applicant, about what personal Guess Europe Sagl (“we” or “us”) collects from you during the recruitment process, as well as how and why we process this personal data. Personal data is any information by which a natural person can be identified, whether directly or indirectly. This privacy notice also explains your rights under the EU General Data Protection Regulation (the “GDPR”) and how you can exercise them.


2. Identity and Contact Details of the Data Controller

The data controller is Guess Europe Sagl, with its registered office at Strada Regina 44, CH-6934 Bioggio – Switzerland.

For information regarding data protection matters, you may contact us at HR.Privacy.Switzerland@guess.eu.


3. What Personal Data We Process and How It Is Collected

The types of personal data that we collect from you or third parties (including our recruitment agency partners) involved in the recruitment process will depend on the job you are seeking. As part of the recruitment process, we process the following personal data (which, in this privacy notice, will be referred to, collectively, as “Personal Data”) about applicants (but may not necessarily process all of the following Personal Data in relation to every applicant):


  • Contact details: your full name, address, e-mail address and telephone number;
  • Educational background: details of the schools and universities you attended, any diplomas, certifications, or other qualifications you have achieved, grades and scores obtained;
  • Work history: your previous professional experiences, details of the responsibilities you held, performance-related information (including any references you have been given) and the contents of your resume or C.V.;
  • Other: details of any previous position applied for with us and the outcome of your application; any of your interests or preferences which you may provide as being relevant to your application; your responses to any specific competency questions posed as part of the application process.


If you choose not to provide us with your Personal Data or if you provide insufficient or inaccurate Personal Data, we may not be able to process your recruitment application. We will not collect and process any Personal Data that is prohibited by applicable law.


4. How We Process Your Personal Data (Purposes and Legal Bases)

We process your Personal Data for the following purposes (together the “Recruitment-Related Purposes”):


  • Assessing your application and suitability to a particular role;
  • Contacting you and communicating information to you about the recruitment process and any assessments, interviews and other similar activities we may request that you participate in for the purpose of your application;
  • Ensuring that we can accommodate any disabilities or other specific requirements you have;
  • In order to identify you in the future if you apply for another position within Guess Europe Sagl, within 24 months of the data on which your application is made.


We process your Personal Data because it is necessary in order to take steps to consider your application prior to establishing a professional relationship with you or where you have given your consent.


Such processing will be carried out for the Recruitment-Related Purposes, by the people involved in recruitment-related activities, and specifically by our HR Department and the hiring manager.


Additionally, we may process your Personal Data as necessary in order to comply with legal and regulatory requirements and, for the purpose of establishing, exercising or defending legal claims, to pursue our legitimate interest of defending our business’ interests (we always consider your rights and freedoms and process your Personal Data for our legitimate interest only where we do not think that your rights will be infringed). You may request information on how we take your rights and freedoms into account, should we process your Personal Data to pursue our legitimate interests, by contacting us at HR.Privacy.Switzerland@guess.eu


We will only process your sensitive Personal Data where (i) you have given your explicit consent to processing of such Personal Data for specific purposes, or (ii) such processing is legally required by, or necessary for us or for you to exercise rights under, employment, social security or social protection legislation law.


We will process your Personal Data through both electronic and non-electronic means.


Where the recruitment process results in the establishment of a professional relationship, it will be necessary for us to undertake further processing of your Personal Data; a new privacy notice will be provided to you in advance of such further processing.


5. Who Are the Recipients of Your Personal Data and Where They Are Located

We store your Personal Data in Switzerland and USA. Within Guess Europe Sagl. access to your Personal Data is restricted to our HR Department and the hiring manager, who need to process your Personal Data by reason of their duties and who act under our authority and process your Personal Data on our instructions. European Commission’s adequacy decision No. 2000/518/EC of 26 July 2000 recognizes Switzerland as a country ensuring an adequate level of protection for personal data. Individuals who work in the Human Resources departments of Guess Inc. (in the United States) may also have access to your Personal Data as we use the services of these companies for Recruitment-Related Purposes. Transfers of your Personal Data to the United States, which is a country that the European Commission has not recognized as ensuring an adequate level of protection, occur on the basis of data protection model clauses approved by the European Commission. You can request a copy of these clauses by contacting us at HR.Privacy.Switzerland@guess.eu


We may also disclose your Personal Data (particularly full name, address, e-mail address and telephone number) to external advisors (e.g., lawyers) located in the European Union.


We may need to use, share or disclose your Personal Data to governmental agencies and regulators, courts and other tribunals and government authorities if required in response to litigation, investigations or for other legally required disclosures.


6. For How Long Do We Retain Your Personal Data

In connection with the Recruitment-Related Purposes, we will retain your Personal Data only for as long as necessary to process your application and, in any event, for no longer than 24 months from their collection. We may keep your Personal Data for a longer period for Recruitment-Related Purposes after obtaining your consent. Such consent may be withdrawn at any time (but please note that the withdrawal of consent will not affect the lawfulness of processing undertaken prior to such withdrawal). For the purpose of withdrawing your consent, please contact us at HR.Privacy.Switzerland@guess.eu


Regarding our processing of your Personal Data in order to comply with legal and regulatory requirements, we will retain your Personal Data for no longer than is strictly necessary to comply with any applicable requirement. Should we need to process your Personal Data for the purpose of establishing, exercising or defending legal claims, we will retain your Personal Data for no longer than is strictly necessary to pursue the litigation (taking into account the applicable limitation period).


7. Security Measures

We have suitable security measures in place to help protect against the loss of, misuse of, unauthorized access to and alteration of your Personal Data.


8. What Are Your Rights Regarding Your Personal Data and How To Exercise Them

Under applicable data protection legislation, you have the right to:


  • Access: you may contact us at any time to request access to Personal Data and we will confirm whether we are processing Personal Data and for which purposes as well as provide details of the categories of Personal Data concerned, the recipients of the Personal Data and the retention periods (on request, we can also provide you with a copy of the Personal Data).
  • Rectification: if the Personal Data that we hold appear to be inaccurate or incomplete, you may ask us to correct or complete it at any time.
  • Erasure: you may ask us to have Personal Data erased if they are no longer necessary in relation to the purposes for which we have collected them. However, we may have to keep track of certain information for complying with legal obligations and thus, in certain circumstances, we may not be able to fully delete the Personal Data.
  • Restriction: in certain circumstances, it may be possible to require us to limit the way in which we process Personal Data (i.e., require us to continue to store your Personal Data, but not otherwise process them without your consent). Such circumstances include:
  • where you think the Personal Data we hold about you are inaccurate, processing can be restricted while it is being rectified;
  • where you object to our processing, processing can be restricted while we determine whether such grounds override your interests;
  • where processing is unlawful but you oppose the erasure and request restriction of yourPersonal Data instead; and
  • where we no longer need the Personal Data but you require the Personal Data in order toestablish, exercise or defend a legal claim, our processing can be restricted.
  • Object: where we are processing your Personal Data without your consent to pursue ourlegitimate interests, you may object to this processing on grounds relating to your particularsituation.
  • Portability: regarding Personal Data that we process by automated means based on a contractwith you or on your consent, you may ask us to receive the Personal Data you provided to us in anelectronic, structured, commonly used and machine-readable format and have your PersonalData transmitted directly from us to another controller, where technically feasible.
  • Withdraw your consent: where you have given consent to the processing of Personal Data, youmay at any time decide to withdraw this consent. Withdrawal does not invalidate the consent-based processing that occurred prior to withdrawal.


To exercise your rights or for any other queries, you can contact: HR.Privacy.Switzerland@guess.eu


When contacting us in connection with any of your rights describe above, you should provide sufficient identifying information, such as name, address, and birth date before your request can be processed.


You may also get directly in touch with Guess Europe Sagl Data Protection Officer about any issue relating to the processing of your Personal Data by sending an e-mail to dpo.privacy@guess.eu


Right to Lodge a Complaint with a Supervisory Authority

If you believe that we are processing your Personal Data in a way that infringes applicable data protection laws, you also have the right to lodge a complaint with the Data Protection Authority in the EU Member State of your usual residence, place of work or place of the alleged infringement.

(If you do not accept, your request cannot be processed)
(Fields marked with * are required)