Zurück
unbefristete Beschäftigung
Madrid (Madrid), Madrid
Tech
Vollzeit
16-Apr-2024

 

L’Oréal is present in 150 markets on five continents. For more than a century, L’Oréal has devoted itself solely to ‘Create beauty that moves the world’; it is now the industry world leader with €29 billion consolidated sales. Together, we solve complex challenges at scale, while making sure we stay committed to making the world a more inclusive and a better place for everyone & our planet. Experience the excitement of agility to shape the future of beauty; where diversity and purpose come together create meaningful impact. 

 

Didn’t imagine L’Oreal as an amazing Tech Company? Wait a minute! 😎
 Today, L’Oréal includes  over 9k experts in beautytech, digital, data and ecomm and is constantly growing so that we invent the beauty of the future while becoming the company of the future.


 To achieve this ambition, L’Oréal needs to continue recruiting many diverse, innovative, skilled and passionate minds in different tech domains such as Data, Digital, Cloud, Cyber Security, IT Architecture, DevOps, Applications and Infrastructure.

 

Reporting to the O+O (Online + Offline) Cybersecurity Manager, you will be responsible for structuring, monitoring, controling and supporting Europe Digital Excellence Center on Ecommerce websites fronts, but also Catalog Websites (Website Factory) on Cybersecurity topics.

This role requires an individual with a strong CyberSecurity background as well as the ability to work across different organizations, countries, and teams to align information security priorities based on a risk-based approach. The communication skills are important in this position as working closely with IT and business.

 

Your role will involve: 

 

Governance:

  • Lead the implementation of a comprehensive Cybersecurity program.
  • Convey the L’Oréal Group Cybersecurity framework and adapt it when required to specific constraints.
  • Animate regular meetings with Digital Excellence Center and Website Factory Teams.
  • Ensure information security collaboration with Zone IT.

 

Risk Management / Security in Project:

  • Identify, estimate, evaluate Cybersecurity risks of your perimeter and ensure proper mitigation actions are in place.
  • Support teams of the scope for cybersecurity during projects.
  • Review security of Third Parties and ensure proper cybersecurity requirements are included in contracts & appendixes.
  • Make recommendations and follow action plans.
  • Make sure that all security steps (Risk analysis, contract review, penetration test, configuration check, code review, etc.) are done before Go Live.

 

Compliance / Action plan follow-up.

  • Ensure compliance with local regulations and mandatory standards (e.g. GDPR, PCI-DSS). 
  • Enforce and control the correct application of the Group's Cybersecurity framework.
  • Follow Group and Zone cybersecurity KPIs and controls.
  • Ensure all assets and services on your perimeter are secured through the implementation of best-in-class security measures.
  • Ensure non compliances, vulnerabilities or any other security weaknesses are remediated in due time.

 

Cybersecurity Awareness / Education:

  • Ensure, in partnership with internal communication, that Group / Zone Cybersecurity awareness initiatives are properly deployed on your perimeter.
  • Educate local and Zone O+O teams on Cybersecurity good practices.

 

Requirements for this position: 

  • A minimum of 5 years of experience in Cybersecurity is required.
  • Master’s degree in Computer Science, Information Security/Data Systems Management or a related field or discipline from an accredited college or university is a minimum required. 
  • Information security or risk management certifications (ISO/IEC 27001, 27005) or Certified Information Systems Security Professional (CISSP) are preferred. Any additional certifications (e.g., CRISC, CISM, CISA, PMP, etc.) will be a plus for the application.
  • In-depth technical knowledge and experience in information technology, computing systems, network technologies, security operations, security technologies, systems integration, and the application of information security concepts.
  • Excellent interpersonal skills, as well as an ability to interface efficiently with employees, senior leadership, and external partners, clients, and customers.
  • Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization.
  • A previous experience as IT project manager or information security manager is preferred.
  • An experience in Sales Force Commerce Cloud would be appreciated.


We offer 

  • 😎 Friendly and dynamic work atmosphere in the diverse environment of the market beauty leader;
  • Unlimited access to the L’Oréal “MyLearning Platform” to boost your skills;
  • 💻Smartworking: up to 2 days of remote working per week;
  • Access to the L'Oréal Share&Care package;
  • 🍒Cherry on the cake: discount for products from our brands’ portfolio!

 

If this sounds awesome and you think that there might be a fit, apply now! 

 

How the recruitment process looks like:

  • Online application (we advise you to upload an updated CV).
  • Interview with the HR team to understand your profile and your expectations. 
  • Meeting with the business and with your potential future manager to discover in detail the mission designed for you! 

 

Do you want to know more? Read and apply at: https://careers.loreal.com


Jetzt bewerben
  • Sie können sich innerhalb von 30 Tagen auf bis zu drei Jobs bewerben.
  • Sie können Ihre drei Bewerbungen anschließend nicht mehr zurückziehen um sich auf weitere drei Stellen zu bewerben. Stellen Sie daher sicher, dass Sie auch Ihren Traumjob auswählen.
  • Bitte besuchen Sie "Dein Bewerbungsprofil", um die Stellen einsehen zu können, für die Sie sich bereits beworben haben.
  • Bitte erstellen Sie kein weiteres Konto mit einer anderen E-Mail Adresse. Sollten Sie ein zweites Konto anlegen, könnte dies mit dem vorherigen Konto zusammengelegt werden und Ihr Bewerbungsdatensatz wird anschließend gelöscht.