L'Oréal is looking for a Global Cybersecurity Manager to take ownership of all aspects of Information Security and Technology Risk Management for our O+O Omnisales scope. This leadership role involves driving the major global Titanium Cybersecurity transformation program and requires strong collaboration with Business and IT Teams to ensure compliance while enabling business growth.
What You'll Do
- Define and enforce clear information security governance throughout the scope, including animation of security committees.
- Ensure L’Oréal's Integration of Security in Projects methodology is properly applied jointly with Business and IT Teams.
- Follow-up on Third Party Cybersecurity Risk Management, working closely with legal and purchasing teams to integrate security requirements early in selection and contracting.
- Proactively identify and mitigate information security risks throughout the lifecycle of L’Oréal Omnisales assets.
- Manage security exceptions and formally document risk acceptance and compensatory measures.
- Lead and drive the Titanium Retail Cybersecurity program jointly with infrastructure and IT O+O Omnisales Teams at global and zone levels.
- Participate in O+O Cybersecurity committees preparation and presentation.
- Manage regulatory compliance jointly with concerned teams (e.g., Data Privacy).
- Follow-up on compliance and security KPIs and implement action plans for continuous improvement.
- Follow-up on Threat and Vulnerability Management process and related remediation plans.
- Ensure prompt and close follow-up of security incidents, jointly with L’Oréal CSIRT.
- Act as a Cybersecurity evangelist, designing and leading engaging awareness sessions for diverse audiences.
- Contribute to L’Oréal O+O Cybersecurity Community.
What We're Looking For
- At least 10 years of experience in information security in similar roles.
- Strong technical background in IT security.
- Excellent interpersonal skills.
- Good knowledge of Risk Management standards.
- Good knowledge of domain-specific and security-related regulations and standards such as GDPR and PCI-DSS.
- Excellent spoken/written English (international context).
- Rigorous and organized mindset.
- Team Management Experience, particularly Transversal Team Management.
Nice to Have
- Cybersecurity certifications such as CISSP.
Team & Environment
You will be part of the O+O (Online + Offline) Group Cybersecurity Team, working in close collaboration with Divisions, Zones, and other functions like Marketing and Finance. This role reports to the O+O CISO.
Benefits & Compensation
- Hybrid Work Policy: 3 Days in Office, 2 Days Work from Home.
- VIP staff shop offering products at a preferential rate.
- Company restaurant & gym.
- 60% reimbursement of transportation subscription.
- Work council offering employee discounts (social & cultural activities, holiday vouchers).
- Dynamic mobility policy.
- Significant investment in employee training.
- Regular re-evaluation of remuneration.
- Innovative HR measures: Time Savings Account, paternity leave, Citizen Day.
Work Mode
This role follows a hybrid work model.
L'Oréal is an Equal Opportunity Employer and takes pride in a diverse environment. We would love to find out more about you as a candidate and we do not discriminate in recruitment, hiring, training, promotion, or other employment practices.
