Security Engineer

MAIN PURPOSE 

As a Security Engineer, you will act as a key bridge between Client & Market digital teams and Group Cyber Resilience. This role focuses on communication, coordination, and follow-up, ensuring that security requirements are clearly understood and applied across our digital platforms. 

You will represent security within Unified Commerce and Client Care areas, working closely with product teams and cybersecurity SMEs. While you will not implement security solutions directly, your ability to understand, challenge, and guide security topics will be essential in a global, collaborative environment.

Your responsibilities will include monitoring and following up on security controls, contributing to the enhancement of security components and advising development and operations teams on secure design and implementation practices. 

This position operates in an Agile, international environment, requiring close collaboration with cross-functional teams across different time zones. The ideal candidate will have a solid background in web and application security, combined with a pragmatic approach to integrating security within the software development lifecycle. 

KEY RESPONSIBILITIES 

•  Act as the primary point of contact for all IT security topics, liaising with Group Cyber Resilience, IT Security and other teams. 

• Ensure that all Unified Commerce and Client Care solutions comply with Richemont’s global security policies and standards. 

• Deploy, maintain and continuously enhance security components to ensure an appropriate level of protection across digital platforms. 

• Plan, coordinate and follow up on security testing activities, including penetration tests, vulnerability scans and security intelligence reviews. 

• Support development and operations teams in mitigating identified vulnerabilities and improving secure coding and deployment practices. 

• Collaborate with DevOps and QA teams to define and enhance automated security testing within CI/CD pipelines. 

• Define and enforce hardening procedures for web-related IT components and middleware layers. 

• Participate in security audits and assessments to ensure compliance with data protection and e-commerce requirements. 

• Develop, maintain, and document security processes, controls, and incident management procedures. 

• Provide training, guidance and coaching to internal teams, Maisons, and partners to promote secure design and implementation practices. 

• Coordinate security-related activities across multiple stakeholders, including partners, agencies and Maison digital teams. 

• Contribute to continuous improvement by identifying opportunities to strengthen the overall cybersecurity posture of Richemont’s digital ecosystem. 

REQUIRED SKILLS & QUALIFICATIONS 

Technical Skills 

• 4+ years of experience as a Security Engineer, preferably within digital, e-commerce, or software-based environments. 

• Strong background in information security principles and practices, with proven experience in IT and web security across Internet, Extranet and Intranet systems. 

• Hands-on experience in web application security, including vulnerability scanning, penetration testing and incident response. 

• Solid understanding of OWASP Top 10 and secure coding principles; able to identify and mitigate common web vulnerabilities. 

• Familiarity with DevOps environments and security tooling (e.g., GitLab, SonarQube, Snyk, OIDC, openFGA and AWS IAM policies). 

• Working knowledge of cloud platforms such as AWS, Azure or GCP, with a focus on secure architecture and deployment. 

• Practical experience with development frameworks and languages (e.g., Java, JavaScript) and writing secure code. 

• Proficiency in web and mobile application security practices, with a proactive approach to improving the organization’s overall security posture. 

Soft Skills 

• Strong problem-solving and analytical skills.  

• Excellent communication and ability to work with multinational, cross-functional teams.  

• Proactive, self-driven, and eager to learn new technologies.  

• Ability to work independently in a fast-paced Agile environment.  

Education & Language  

• Bachelor’s or Master’s degree in Computer Science, Software Engineering, or a related field.  

• Fluency in English (French or other languages is a plus).