• Conduct security reviews for all activities within the assigned scope, following the Group’s ISP methodology. This involves monitoring both IT projects and Business-led initiatives that may not always involve IT teams.
• Maintain up‑to‑date security information for all assets in scope within ServiceNow (DPS, attestations, controls, etc.).
• Monitor and raise alerts in case of major threats impacting L’Oréal’s information system.
• Collaborate with CSIRT teams to follow up on incidents within the assigned perimeter.
• Monitor security KPIs within the scope and implement the associated compliance action plans.
• Follow up on penetration tests, vulnerability scans, Bug Bounty findings, and related remediation plans.
• Contribute to the preparation of materials for security committees.
• Participate in the O+O WW Cybersecurity community.
• Conduct cybersecurity awareness sessions for both IT and Business teams.

A very strong command of English and excellent interpersonal skills are required for this role.

• CISSP certification