MAIN PURPOSE

The APAC IT Control manager ensures that the Technology department in the region adheres to Richemont security standards (“Group Security Policy”) as well as relevant external regulatory compliance requirements (data privacy, industry standards,..).

1. Technology Asset Protection Management

She/he will be in charge to define/maintain regional Technology security standards, promote awareness of such standards, and support the design, the implementation and the operating effectiveness of relevant security and compliance controls within the regional Technology landscape.

2. Compliance Management

She/he closely shares and collaborates with the different security and compliance functions such as IT , the Group Security community, the regional risk and compliance stakeholders and relevant business stakeholders.

3. Audit Management

She/he oversees and coordinates with asset owners any risk and compliance assessments activities to take place around Technology services/assets in the region.

4. Project Security Management

She/he acts as the key interface of the Technology community in the context of security and compliance activities within the perimeter of the APAC region. Systematic involvement in the different regional Technology projects in order to ensure that relevant security controls are designed and implemented by Technology project teams.

KEY RESULT AREAS AND MAIN RESPONSIBILITIES

• Coordinate and monitor compliance and security Technology assessment efforts with both external (local regulators, external auditors,..) and internal stakeholders (e.g. internal vulnerability assessments,…).
• Establish and maintain a trusted relationship with key business stakeholders (Group, Region and Maisons) and Technology teams (incl. Infrastructure, Enterprise Application & Digital), as well as relevant Security, Risk & Compliance stakeholders in the region and beyond.
• Support the APAC region and Maisons in achieving compliance with our Group Security Policy and external relevant compliance requirements (ICS,..).
• Further develop/document/maintain Technology standards comprising security and compliance relevant aspects.
• Coordinate implementation of Group Technology standards within the Region and provide visibility regarding implementation gaps identified.
• Translate security and compliance requirements into Technology security and compliance controls.
• Define and agree co-jointly with Technology functions, security and compliance remediation plans when gaps have been identified.
• Actively support the remediation of vulnerabilities identified by internal and/or external teams at the regional level and impacting the regional Technology landscape.
• Actively support the Cyber Resilience team at the regional level in handling of regional security incidents (e.g. user investigation/remediation, root cause analysis & reporting) when requested
• Maintain regional Technology asset inventory and support classification of applications/solutions

Richemont owns several of the world's leading companies in the field of luxury goods, with particular strengths in jewellery, luxury watches and writing instruments. The Group's luxury interests encompass several of the most prestigious names in the luxury industry including Cartier, Van Cleef & Arpels, Piaget, Baume et Mercier, Chloe, Vacheron Constantin, A. Lange & Söhne, Jaeger-LeCoultre, IWC, Panerai, Roger Dubuis, Dunhill and Montblanc.