As Cybersecurity Officer you will be responsable for:
Governance:
- Lead the implementation of a comprehensive Cybersecurity program.
- Convey the L’Oréal Group Cybersecurity framework and adapt it when required to specific constraints.
- Animate regular meetings with IT director and domain managers.
Risk Management / Security in Project:
- Identify, estimate, evaluate Cybersecurity risks of your perimeter and ensure proper mitigation actions are in place.
- Review security of Third Parties and ensure proper cybersecurity requirements are included in contracts & appendixes.
- Make recommendations and follow action plans.
- Make sure that all security steps (Risk analysis, contract review, penetration test, configuration check, code review, etc.) are done before Go Live.
Compliance / Action plan follow-up.
- Ensure compliance with local regulations and mandatory standards (e.g. GDPR, PCI-DSS).
- Follow Group and Zone cybersecurity KPIs and controls.
- Act as the IT point of contact to lead communications with internal and external auditors and ensure IT security compliance in the perimeter you are responsible for.
- Ensure non compliances, vulnerabilities or any other security weaknesses are remediated in due time.
Cybersecurity Awareness / Education:
- Ensure, in partnership with internal communication, that Group / Zone Cybersecurity awareness initiatives are properly deployed on your perimeter.
- Educate local teams on Cybersecurity good practices.
Resiliency:
- Ensure existence of disaster recovery plans (DRP) for all critical assets of the perimeter, support in definition and execution when required.
- Ensure proper Crisis Management team is in place.
To succeed in the role you will need the following technical & professional competencies :
A minimum of 5 years of experience in Cybersecurity is required.
- In-depth technical knowledge and experience in information technology, computing systems, network technologies, security operations, security technologies, systems integration, and the application of information security concepts.
- Proven and effective leadership skills, as well as demonstrated proficiency in providing requisite oversight for information security operations and incident management.
- Excellent interpersonal skills, as well as an ability to interface efficiently with employees, senior leadership, and external partners, clients, and customers.
- Excellent verbal and written communication skills to technical and non-technical audiences of various levels in the organization.
- Fluent in English.
- A previous experience as IT project manager or information security manager is preferred.
Education
- Master’s degree in computer science, Information Security/Data Systems Management or a related field or discipline from an accredited college or university is a minimum required.
- Information security or risk management certifications (ISO/IEC 27001, 27005) or Certified Information Systems Security Professional (CISSP) are preferred. Any additional certifications (e.g., CRISC, CISM, CISA, PMP, etc.) will be a plus for the application.
We offer:
- Friendly and dynamic work atmosphere in the diverse environment of the market beauty leader.
- Plenty of opportunities to grow - cross-divisionally and functionally.
- #Learningneverstops mindset: wide learning and e-learning package.
- Attractive benefits package including sports card, private health care, life insurance, pension package and internal boutique with a discount, product allocations.
- Modern and sustainable office in Warsaw city center.
- Community-engaged in Sports and CSR activities.
We are open for candidates with disabilities.