IT Risk manager (H/F), Paris

L'Oréal

Apply now Back
Back to results page

Company

L'Oréal

Place(s)

Paris
Apply now

IT Risk manager (H/F), Paris

Permanent
IT, telecommunications, computer science
Offer archived at 20/11/2019
 

L'Oréal

IT Risk manager (H/F), Paris

Misssions

  • Review and improve Cybersecurity risk management framework
  • Validate with Key stakeholders Risk level, Risk strategy and Risk Appetite
  • Build a transversal line of service:
  • To collect and manage new project demand.
  • Do a first level of Risk assessment.
  • To support local Security Manager.
  • To follow and ensure coherence of Risk Analysis
  • To manage exceptions.
  • To put in place and support Risk Management solution.
  • Engage and advise stakeholders
  • Work closely with team in charge of Third Party Risk management
  • Review and maintain IT Security in projects methodology
  • Consolidate Risks
  • Continuously evaluate communication security, data vulnerability, business continuity and compliance risks
  • Identify vulnerabilities or weaknesses in systems
  • Evaluate security policy, processes and procedures for completeness
  • Ensure that controls are adequate to protect sensitive information systems
  • Clearly document and define risks and potential impacts along with the statistical probability of such an event and identify systems affected by the defined risk
  • Provide mitigation/ damage reduction proposals with cost justification
  • Identify defensive steps to take, starting by the existing security standards already available within L’Oréal
  • Participate to education of Security, IT & Business stakeholders to Risk Management

Profile

Education:

  • Master’s degree in Information Technology

Professional experience:

  • You have a successful first experience of 5 years in the cybersecurity field within a consultancy firm or a Fortune 500 company

Technical skills:

  • Knowledge of cybersecurity frameworks (NIST, OWASP, …)
  • Knowledge and experience in auditing, security reviews or compliance reviews
  • Knowledge and experience in risk analysis
  • Knowledge of web technologies (CMS, development frameworks, API, application security, …)
  • Knowledge of public cloud services (Azure, AWS, Google Cloud)

Management skills:

  • Ability to manage and / or influence people
  • Ability to communicate complex ideas effectively, both verbally and in writing, in English and French with international stakeholders and with cybersecurity stakeholders within the Group

Interpersonal skills:

  • Good relationship
  • Ability to convince and drive change
  • Ability to navigate within a fast-moving environment
  • Strong analytical skills
  • Fluency in English is essential

Apply

Offer archived at 20/11/2019

 
Paris map