Group Director,Cyber Risk & SecurityEngineering

About the role: 

CHANEL is hiring a Group Director, Cyber Risk & Security Engineering. We are looking for a Security Engineering, Governance and Cyber Risk champion to join our Information Security Team onsite in the New York City area. You will play a leading role, reporting directly into the Head of Information Security, in safeguarding the integrity and reputation of The House by ensuring adherence to regulatory requirements, industry standards, and internal policies, while garnering awareness to influence behavior change. You will collaborate cross-functionally with teams across the enterprise including Tech, Legal, Operations, Retail, and with our global partners to assess risks, implement continuous monitoring programs, and drive a culture of cyber resilience and accountability across the organization. Our ideal candidate will demonstrate a unique blend of leadership, information security domain expertise, strong risk management acumen, business judgement, creativity, entrepreneurial spirit, communication skills, and embrace diverse perspectives. 

What impact you can create at CHANEL: 

• Strengthen CHANEL’s ability to identify, assess, and prioritize cyber risks, enabling confident decision-making on remediation, acceptance, or transfer 

• Lead the implementation and integration of security controls across digital and physical environments, collaborating with engineering, architecture, and operations to embed robust protection at every layer 

• Translate technical risks into actionable requirements and behaviors, fostering a culture of secure operations and empowering teams enterprise-wide 

• Build and scale impactful security awareness programs, driving measurable behavior change and elevating security practices across corporate, retail, and operations environments 

• Drive a scalable, intuitive approach to identity and access governance, ensuring the right individuals have timely access while minimizing business friction 

• Identify and address information security program gaps, advising on remediation and influencing adoption in partnership with the Head of Information Security 

• Act as a decisive tech leader, taking informed risks and making recommendations quickly within a complex, matrixed organization 

You are energized by: 

• Delivering security as a service to a large, complex organization with both online and physical retail presence in a rapidly growing environment with cyber threats that are continuously evolving 

• Developing and elevating security processes for efficiency and easy adoption while delivering high-quality scalable solutions that minimize cyber risk 

• Fostering a message that information security enables the business and its objectives by educating and garnering awareness to a range of audiences, both technical and non-technical, while also actively listening to their needs ensuring alignment with program versus organizational objectives 

• Working in a highly collaborative environment as a courageous leader and developing talent to support the growth of the business

• Navigating complexity and monitoring risk on the regional and global level in close partnership with the wider Information Security team driving consistent transformation and change

What you will bring to the team: 

• Extensive hands-on experience in cyber engineering, implementing and managing enterprise security solutions across cloud-native and hybrid environments (Azure, AWS, GCP), networks, and endpoints 

• Proficiency in secure software development, DevSecOps, and infrastructure-as-code (Terraform, Ansible), embedding security in CI/CD pipelines 

• Advanced expertise with security technologies (SIEM, EDR, PAM, firewalls, encryption), focusing on governance and reporting 

• Strong leadership conducting threat modeling, technical assessments, and remediation 

• Deep knowledge of secure communications, identity and access management, and data loss prevention 

• Practical experience applying industry frameworks and standards (NIST 800-53, ISO 27001, CIS) to achieve scalable, business-aligned security outcomes 

• Experience with PCI DSS assessments and readiness (preferred) 

• Proven ability to communicate complex technical and risk concepts clearly to senior leadership 

​

Position Logistics: 

• Availability to work from Piscataway, NJ and New York, NY office locations 

• Hybrid work model with 3 days onsite required 

• Minimum of 10 years in cyber security engineering, including hands-on leadership in designing and implementing security solutions, risk assessments, and awareness programs across complex enterprise environments 

• Bachelor’s degree in computer science, information technology, or equivalent; Security-specific certifications (such as CISSP, CISM, CISA) are preferred 

​

*Chanel, Inc. reserves the right to edit, change, or make exceptions on designations where circumstances where deemed appropriate.    

 Compensation:     

• The anticipated base salary range for this position is $127,000-$195,000.  A base salary is one component of the total compensation for this position. Other forms of variable pay [may/will] be offered for this position. Other components [may/will] include bonus potential, benefits, and/or perks.    

​ 

 Benefits and Perks:     

• Wellbeing resources include dedicated paid time off for wellbeing (2-week August Office Closure) and a Wellbeing fund      

• Family and care giving benefits (inclusive of parental leave, fertility support, MilkStork, and Care.com Membership)     

• Generous paid time off policies to include vacation, holiday, sick and volunteer days      

• 401K and other incentives      

• Robust healthcare offerings; medical, dental, vision, MDLIVE (virtual care), One Medical, Flexible Spending Accounts (Health Care & Dependent Care), Health Savings Account and Employee Assistance Program     

• Life insurance, Accidental Death & Dismemberment, Short Term Disability, Long Term Disability, Health Advocate, International Business Travel Accident & Medical, and Commuter Transit & Parking