Share this Job

Cyber Risk Governance Specialist

Job Location: ​Luxembourg​

Company description

Ferrero is a family-owned company with a truly progressive and global outlook and iconic brands such as Nutella®, Tic Tac®, Ferrero Rocher®, Raffaello®, Kinder Bueno® and Kinder Surprise®. As the love for our brands continues to grow, so too does our global reach. Represented in more than 50 countries, with products sold in more than 170, the Ferrero Group is loved by generations around the world. The secret to our global success? 38,767  dedicated employees who celebrate care and quality to craft a business, careers and brands we are proud of. Join us, and you could be one of them.

Diversity Statement

Ferrero is committed to building a diverse and inclusive culture in which all employees feel welcomed and appreciated and have the same opportunities. We believe all of our people are equally talented in their own way. In nurturing the curiosity and natural abilities of our employees, we provide them, generation after generation, the means to succeed personally and professionally, enabling them to craft their journey at Ferrero. The diversity of our talents is what makes our work environment multicultural, innovative and highly rewarding.

About the Role:

We are currently looking for a Cyber Risk Governance Specialist to join our Group Cybersecurity team in our Global HQ based in Luxembourg.

Reporting managerially to Cyber Risk Governance you will be responsible for executing Cyber Risk Assessments and Third-Party Cybersecurity Assessments, following the Cyber Risk Management methodology and supporting the monitoring the overall Group Cyber Risk profile.

Moreover, you will be responsible for supporting the definition and maintenance of the Cybersecurity Governance Framework, ensuring an overall direction for the Information Security Management System.

As the Cyber Risk Governance Specialist, you will assist with the implementation of specific initiatives to support Cybersecurity compliance efforts in relation to an evolving global, legal, and regulatory landscape.

Main Responsibilities:


As the Cyber Risk Governance Specialist, you will support the definition and maintenance policy and procedure based on Ferrero’s environment and industry leading practices. 


In addition, you will support the integration of Cybersecurity risk and compliance aspects into other Group processes in a proper manner by:

  • Performing Cybersecurity risks assessments (e.g. impacts and likelihood) to confirm or update risk levels.
  • Assisting in the monitoring of intelligent tracking, prioritizing and responding to findings (remediation plans) to ensure effectiveness in reducing Cyber risks to an acceptable level.
  • Supporting the institution of a program of IT asset risk management.


To retrieve, map and classify the information handled by applications you will provide support the appropriate stakeholders while you will also be involved in the evaluation of third-party providers of services to integrate the periodical Cyber Risk evaluation.


Last but not least, you will provide support in the execution of the activities developed to increase the understanding of Cybersecurity risk management and Cybersecurity compliance obligations, in collaboration with Training, Awareness and Communication.


Who we are looking for:

You will bring your university background in Information Technology or other related fields and your 2-4 years of experience in a similar position or in cybersecurity consultancy.

Moreover, you will bring you previous experience in auditing or involvement in assessing Cybersecurity controls linked to a Cybersecurity Risk Management methodology process (e.g., ISO27005). Your solid knowledge of the IT Audit Framework and Cybersecurity international standards, law and regulations (e.g., CobiT, ITIL, ENISA, NIST, ISO27001, ISO27031) will be an asset for us.

Previous experience in auditing, assessing Third-Party Cybersecurity Risks and involvement in the definition and maintenance of a Cybersecurity Governance Framework leading to its evolution will help you achieve your objectives. Overall, you have knowledge and experience in assessing compliance against Cybersecurity Frameworks/Lead Practices & Regulations.

Thanks to your organizational, presentation, communication and influencing skills, you will perform strategic yet operative tasks assuring projects’ effective coordination and implementation in line with Group guidelines across business stakeholders and departments.

How to be successful in the role and at Ferrero:

Consumers, quality and care are at the heart of everything we do. So, to be successful at Ferrero, you’ll need to be just as consumer and product centric as we are - dedicated to crafting brilliant results for consumers around the world.