WANT TO KNOW MORE ABOUT OUR BIG TECH TRANSFORMATION?

L’Oréal is present in 130 countries on five continents. For more than a century, L’Oréal has devoted itself solely to one business: beauty; it is now the industry world leader with €29 billion consolidated sales.

Today, L’Oréal includes 1700 tech positions and it’s constantly growing. Especially with our ambition to become the #1 BeautyTech company, meaning inventing the beauty of the future while becoming the company of the future.

BeautyTech will equip the Group with the key assets it needs to conquer this new world, where Tech has become strategic.

To achieve this ambition, L’Oréal needs to continue recruiting diverse, innovative, skilled and passionate minds in different tech domains such as Data, Digital, Cloud, Cyber Security, IT Architecture, DevOps, Applications and Infrastructure.

HOLD ON, WHERE ARE OUR MANNERS?

WE HAVEN’T PRESENTED OUR TEAM!

L’Oréal is in a period of growth and transformation in data and is building dynamic and multidisciplinary teams from different backgrounds to deliver on our exciting mission to accelerate the company’s Beauty Tech transformation. 

We are seeking a highly skilled and experienced Cybersecurity Engineer to join our team 

INTERESTED?

THIS IS WHAT YOU WILL DO IN NUTSHELL!

• Responsible for corporate cybersecurity tasks and projects, including development and management of security strategies, policies, and disaster recovery procedures for private and public cloud infrastructures, network and security operation centers, datacenters, networks, and remote sites. 
• Specialize in information security procedures and processes design, security assurance and risk analysis, network vulnerability assessment, penetration testing, incident handling and response management.
• Design security solutions protecting business from external and internal malicious intrusions including leaks of confidential information, cyber-theft of intellectual property: patents, copyrights, and trademarks, and business interruption: denial of service, loss of service availability, intrusions, and malicious code infections.
• Provide custom solutions architecture, security engineering services, IP network designs, network implementations, project management, and capacity planning for large network and security projects. 
• Practical knowledge of standards: NIST, PCI-DSS, ISO, OWASP, SOC, GDPR, CCPA, SDLC

THIS IS WHAT YOU WILL NEED TO SUCCEED!

We love people that are curious, collaborative, eager to have an impact and who value innovation, autonomy, and team spirit. You value code simplicity, performance, and details.

Requirements:

Desired Education or Equivalent Experience

• Degree in Computer Science, Information Security, Data Science, Software Engineering
• One or more professional security certifications: Security+, CySA+, ECSA, Google PCSE, AWS CSS, AZ-500, CCSP, SSCP, CISSP

Practical (hands-on) Knowledge of Technologies, Protocols, and Cloud Platforms: 

• AWS: VPC, SG, NACL, Security Hub, Trusted Advisor, Shield, Inspector, KMS, SSE, GuardDuty
• Azure: VNET, NSG, ASG, AD IAM, SQL Encryption, Key Vault, Application Gateway, Security Center
• GCP: Security Command Center, VPC Service Control, Cloud Armor
• Proxies / Firewalls / Gateways: Zscaler, PaloAlto, Fortinet, Apigee, CA Layer7
• Analyzers/Scanners: AlgoSec, FireEye, Tufin, Splunk, Rapid7, Nessus, Snort, Netcat, Netmap
• Infrastructure: SDWAN, Meraki, IPSec, TLS/SSL, Cisco ISE, REST API 
• Authentication: CyberArk, SSO, MFA, SAML, OAuth, OIDC, PKI (CA), 
• Data Protection: CrowdStrike EDR/CWPP, Microsoft Purview Data Loss Prevention

Candidate Evaluation Criteria 

• Must prove understanding of architecture design and common security vulnerabilities.
• A commitment to the crucial concept of promoting security as an enabler and not an inhibitor of business.
• Contribute to building enterprise architecture management, governance, and compliance programs. 
• Strong organization, prioritization, rationalization, and analytics skills
• An ability to cultivate and build collaborative working relationships with a broad range of enterprise stakeholders.
• A well-developed understanding of business needs and a commitment to leading the information risk management team in delivering high-quality, prompt, and efficient service to the business.
• A well-developed understanding of and appreciation for organizational mission, values, and goals and consistent architecture of this knowledge.
• An ability to communicate complex and technical issues to diverse audiences.
• Deep and thorough knowledge of advanced enterprise level architecture security standards, techniques, and tools.
• Ability to assess code security vulnerabilities, implement security measure and mitigating controls.

WAIT, THERE IS MORE! LET US GIVE YOU 4 OTHER REASONS TO JOIN US!

Joining L'Oréal means joining a company that:

1. Invests in Tech and positions its Tech teams at the heart of its digital transformation strategy.
2. Allows its employees to have a real impact, to test their ideas, to innovate and to build our future.
3. Has a powerful and innovative HR policy.
4. Has chosen to uphold strong values and to be particularly advanced from a social and environmental point of view (strong diversity and inclusion policy, L'Oréal for the Future program, commitment to numerous communities, etc.).

The L'Oréal Group is convinced that difference is a deep source of wealth, that allows everyone to grow, to challenge themselves and to go further.

We strongly encourage everyone to always dare and never censor themselves. Skills can always be learnt.

We will be delighted to exchange with you!

Ready to build the future of L'Oréal together? Apply now!