Regional Cybersecurity Manager

About the role

The Regional Cybersecurity Manager reports to the Head of Cybersecurity and to the local P&O team in France. The role defines and executes the regional cybersecurity roadmap, aligning local needs with Ferrero’s global strategy and ensuring the protection of industrial sites and the supply chain.

Key responsibilities

• Define local objectives and a cybersecurity roadmap for risk assessment, vulnerability management, and awareness programs.
• Lead improvement projects that raise the region’s security posture in line with group guidelines.
• Conduct periodic maturity and risk‑exposure assessments with Business, IT and OT stakeholders.
• Collect, prioritize and communicate local requirements to the Group Cybersecurity team.
• Integrate Group cybersecurity requirements into local IT, Business and OT processes.
• Deploy and sustain cybersecurity methodologies, processes and technologies, overseeing projects to completion.
• Ensure compliance of tools, policies and procedures with local and technical requirements.
• Monitor local threats, support continuous cyber‑risk evaluation and contribute to incident management in coordination with central Defence & Response.

Required profile

• Excellent analytical and conceptual abilities with strong intellectual rigor.
• Structured, research‑driven problem‑solving mindset.
• Comfort working in multicultural, distributed environments and coordinating remotely.
• Clear communication with both technical and non‑technical stakeholders.
• Broad understanding of IT and OT environments.
• Familiarity with international standards and regulations such as ENISA, NIST, GDPR and ISO 27000.
• Knowledge of compliance frameworks including PCI, HIPAA, GLBA and SOX.
• Experience with cyber‑incident coordination and response.
• Relevant certifications (CISSP, CISM, CISA, ISO 27001 Lead Auditor) are a plus.
• Full professional proficiency in English.

Required skills

• Risk assessment
• Vulnerability management
• NIST framework
• ISO 27001
• PCI DSS
• HIPAA
• GLBA
• SOX
• CISSP
• CISM
• CISA
• ISO 27001 Lead Auditor
• OT security