Hello, we’re L’Oréal. We're not just building brands, we're shaping how the world experiences beauty (and it takes a lot of cool jobs to do it). Intrigued? Keep reading, this might be the opportunity you've been searching for.
A Day in the Life
As our Cybersecurity Manager for Integration, IT4IT & IoT, you will join a team securing the central nervous system of our Beauty Tech operations. Your scope will cover critical platforms:
- Our Integration Platform: The key platform handling all data exchanges between our systems.
- Our Global IT4IT Platform: The source of truth for all IT topics, where all IT activities are managed.
- Our Global IoT Platform: The hub hosting all innovative IoT devices delivered by our Beauty Tech.
You will be responsible for all aspects of information security and technology risk management for this scope. Your key responsibilities will include:
- Defining and enforcing a clear information security governance across your platforms.
- Ensuring L’Oréal's "Integration of Security in Projects" methodology is properly applied, working jointly with Business and IT Teams.
- Following-up on Third-Party Cybersecurity Risk Management, in close collaboration with legal and purchasing teams.
- Proactively identifying and mitigating information security risks throughout the lifecycle of L’Oréal assets.
- Managing security exceptions and formally documenting risk acceptance.
- Participating in business platform Cybersecurity committees' preparation and presentation.
- Managing regulatory compliance jointly with the concerned teams (e.g., Data Privacy).
- Following-up on compliancy and security KPIs and putting in place appropriate action plans.
- Following-up on threat and vulnerability management processes and their related remediation plans.
- Ensuring a prompt and close follow-up of security incidents, jointly with L’Oréal CSIRT.
- Acting as a Cybersecurity evangelist, designing and leading engaging awareness sessions.
We Are Looking For
You are curious, collaborative, and proactive with a talent for securing complex, interconnected platforms. You are eager to have an impact in a fast-paced, global environment and value both innovation and autonomy.
You're a great match if you have:
- Experience: At least 5 years of experience in information security in similar roles.
- Technical & Risk Knowledge: A strong technical background in IT security, with good knowledge of Risk Management standards and regulations like GDPR and PCI-DSS.
- Leadership & Influence: Experience in transversal team management and excellent interpersonal skills.
- Project & Process Skills: Knowledge of project management methodologies and experience in Third-Party Security Management.
- Language Skills: Excellent spoken and written English for our international context.
- Mindset: A rigorous, organized, and curious approach. Security certifications like CISM or CISSP are a plus. You may not be an expert in all areas, but you show great curiosity in understanding the non-mastered ones.
What’s In It For You
- A place for you to leave your comfort zone and grow beyond your potential (here, you’ll be encouraged to try new things and take risks!)
- Real responsibility from day 1, there’s no sitting on the sidelines at L’Oréal
- An environment where people of every ethnicity, social background, age, religion, gender and sexual orientation as well as people with disabilities are accepted, can speak up, will thrive and are celebrated!
- A place where you can contribute to something bigger! Many of our brands have societal /environmental causes to make concrete difference
Who We Are
L’Oréal is present in 150 markets on five continents. For more than a century, L’Oréal has devoted itself solely to ‘Create beauty that moves the world’; it is now the industry world leader with €42 billion consolidated sales. Together, we solve complex challenges at scale, while making sure we stay committed to making the world a more inclusive and a better place for everyone & our planet.
Today, L’Oréal includes over 9k experts in beauty tech, digital, data and e-comm and is constantly growing. Championing Beauty Tech, we invent the beauty of the future while becoming the company of the future. To achieve this ambition, L’Oréal continues to recruit diverse, innovative, skilled, and passionate minds in different tech domains such as Data, Digital, Cloud, Cyber Security, IT Architecture, DevOps, Applications, and Infrastructure.
We’re committed to guaranteeing inclusive recruitment processes and to advocating for hiring and promoting each candidate in an ethical and equitable way. The Group strictly prohibits discrimination against any applicant for employment because of the individual’s gender identity or expression, sexual orientation, visible and/or invisible disabilities, socio-economic and/or multicultural origins, health conditions, age, religion, or any other characteristics protected by law.
- You can apply to up to three jobs within a rolling 30-day window.
- You cannot withdraw your application once you applied, so please make sure to choose a job that matches your dreams.
- Please visit "Your Application Space" to see the jobs you have already applied to.
- Please don’t create another account with a different email. If you do so, your account might be merged and your application record will be deleted.