Cybersecurity Manager - Integration, IT4IT & IoT
Role details
Job location
Tech stack
Job description
As our Cybersecurity Manager for Integration, IT4IT & IoT, you will join a team securing the central nervous system of our Beauty Tech operations. Your scope will cover critical platforms:
- Our Integration Platform: The key platform handling all data exchanges between our systems.
- Our Global IT4IT Platform: The source of truth for all IT topics, where all IT activities are managed.
- Our Global IoT Platform: The hub hosting all innovative IoT devices delivered by our Beauty Tech.
You will be responsible for all aspects of information security and technology risk management for this scope. Your key responsibilities will include:
- Defining and enforcing a clear information security governance across your platforms.
- Ensuring L'Oréal's "Integration of Security in Projects" methodology is properly applied, working jointly with Business and IT Teams.
- Following-up on Third-Party Cybersecurity Risk Management, in close collaboration with legal and purchasing teams.
- Proactively identifying and mitigating information security risks throughout the lifecycle of L'Oréal assets.
- Managing security exceptions and formally documenting risk acceptance.
- Participating in business platform Cybersecurity committees' preparation and presentation.
- Managing regulatory compliance jointly with the concerned teams (e.g., Data Privacy).
- Following-up on compliancy and security KPIs and putting in place appropriate action plans.
- Following-up on threat and vulnerability management processes and their related remediation plans.
- Ensuring a prompt and close follow-up of security incidents, jointly with L'Oréal CSIRT.
- Acting as a Cybersecurity evangelist, designing and leading engaging awareness sessions.
We Are Looking For
You are curious, collaborative, and proactive with a talent for securing complex, interconnected platforms. You are eager to have an impact in a fast-paced, global environment and value both innovation and autonomy., * A place for you to leave your comfort zone and grow beyond your potential (here, you'll be encouraged to try new things and take risks!)
- Real responsibility from day 1, there's no sitting on the sidelines at L'Oréal
- An environment where people of every ethnicity, social background, age, religion, gender and sexual orientation as well as people with disabilities are accepted, can speak up, will thrive and are celebrated!
- A place where you can contribute to something bigger! Many of our brands have societal /environmental causes to make concrete difference
Requirements
- Experience: At least 5 years of experience in information security in similar roles.
- Technical & Risk Knowledge: A strong technical background in IT security, with good knowledge of Risk Management standards and regulations like GDPR and PCI-DSS.
- Leadership & Influence: Experience in transversal team management and excellent interpersonal skills.
- Project & Process Skills: Knowledge of project management methodologies and experience in Third-Party Security Management.
- Language Skills: Excellent spoken and written English for our international context.
- Mindset: A rigorous, organized, and curious approach. Security certifications like CISM or CISSP are a plus. You may not be an expert in all areas, but you show great curiosity in understanding the non-mastered ones.