Reporting to Northern Europe CISO, you will be responsible to structure, monitor, control and support all IT and business teams on Cybersecurity topics in both hubs BNL (Belgium, Netherlands) & Nordics countries (Denmark, Sweden, Norway, Finland).
This is a leadership role that requires an individual with a strong technical background, able to communicate to leadership positions as well as the ability to work across different teams to align information security priorities with key IT objectives following a risk-based approach.
Key Duties / ResponsibilitiesGovernance- Lead the implementation of a comprehensive Cybersecurity program.
- Convey the L’Oréal Group Cybersecurity framework and adapt it when required to specific constraints.
- Animate regular meetings with IT director and domain managers.
- Identify, estimate, evaluate Cybersecurity risks of your perimeter and ensure proper mitigation actions are in place.
- Review security of Third Parties and ensure proper cybersecurity requirements are included in contracts & appendixes.
- Make recommendations and follow action plans.
- Make sure that all security steps (Risk analysis, contract review, penetration test, configuration check, code review, etc.) are done before Go Live.
- Ensure compliance with local regulations and mandatory standards (e.g. GDPR, PCI-DSS).
- Follow Group and Zone cybersecurity KPIs and controls.
- Act as the IT point of contact to lead communications with internal and external auditors and ensure IT security compliance in the perimeter you are responsible for.
- Ensure non compliances, vulnerabilities or any other security weaknesses are remediated in due time.
- Ensure, in partnership with internal communication, that Group / Zone Cyber initiatives are properly deployed on your perimeter.
- Educate local teams on Cybersecurity good practices.
- Ensure existence of disaster recovery plans (DRP) for all critical assets of the perimeter, support in definition and execution when required.
- Ensure proper Crisis Management team is in place.
- A minimum of 10 years of experience in Cybersecurity is required.
- In-depth technical knowledge and experience in information technology, computing systems, network technologies, security operations, security technologies, systems integration, and the application of information security concepts.
- Proven and effective leadership skills, as well as demonstrated proficiency in providing requisite oversight for information security operations and incident management.
- Excellent interpersonal skills, as well as an ability to interface efficiently with employees, senior leadership, and external partners, clients, and customers.
- Excellent verbal and written communication skills to technical and non‑technical audiences of various levels in the organization.
- Fluent in Dutch and English.
- A previous experience as IT project manager or information security manager is preferred.
- Master’s degree in computer science, Information Security/Data Systems Management or a related field or discipline from an accredited college or university is a minimum required.
- Information security or risk management certifications (ISO/IEC 27001, 27005) or Certified Information Systems Security Professional (CISSP) are preferred. Any additional certifications (e.g., CRISC, CISM, CISA, PMP, etc.) will be a plus for the application.
Salarisomschrijving
€80000 - €120000 monthly