Chanel Senior Manager, Information Security Governance, Risk & Compliance

About Chanel

Chanel is an independent French maison renowned for haute couture, luxury ready-to-wear, leather goods and beauty. Globally recognised for craftsmanship, aesthetic leadership and brand stewardship, Chanel operates a complex international organisation combining heritage ateliers, global retail, and digital platforms. As an employer, it demands both creative excellence and rigorous professional standards across corporate functions including information security and technology.

Role & Responsibilities

• Define, advance and operate the information security governance, risk and compliance (GRC) programme across global IT and business functions.
• Develop, maintain and socialise security policies, standards and control frameworks in alignment with ISO 27001, NIST and regulatory requirements (including GDPR and PCI-DSS where applicable).
• Lead enterprise risk assessments and control self-assessments; translate findings into remediation roadmaps and executive reporting.
• Coordinate internal and external compliance audits, certification efforts and third-party security assessments; manage remediation and evidence requests.
• Oversee third‑party / vendor risk management processes, including due diligence, contract clauses and ongoing monitoring.
• Produce and present concise governance reporting and key risk indicators to senior stakeholders and governance forums.
• Collaborate with IT, legal, privacy, retail and business teams to embed security controls and drive continuous improvement.
• Mentor and line-manage GRC practitioners; define priorities, processes and metrics for the team.

Qualifications

• Relevant professional certification such as CISSP, CISM, CISA or CRISC strongly preferred.
• Demonstrable knowledge of ISO 27001, NIST CSF, GDPR and common industry standards (PCI-DSS, SOC 2).
• Proven ability to manage cross-functional stakeholders and influence at senior levels.
• Experience managing audit and certification programmes and third-party risk assessments.
• Strong written and verbal communication skills with experience producing executive-level reports.

Skills

Experience

Eight or more years in information security, with a minimum of three to five years leading GRC, compliance or risk programmes in a multinational environment; experience in luxury retail, consumer products or retail technology is advantageous.

Education

Bachelor's degree in Computer Science, Information Security, Engineering, Cybersecurity or a related discipline; Master's degree or equivalent professional experience preferred.

Workplace

Culture

Chanel combines deep respect for artisanal tradition with strategic investment in digital and corporate functions. The workplace culture prizes discretion, excellence and cross-disciplinary collaboration, with an expectation of high professional standards and a global, multilingual outlook.

About Cerulean

Cerulean is the definitive career portal for the global luxury industry. We match exceptional professionals with exclusive opportunities at the world's most prestigious brands. From haute couture and fine watchmaking to prestige beauty, hospitality, and boutique retail, Cerulean centralises luxury employment to help you find the career for which you were destined.