Función del empleo: Information Systems

Tipo de puesto: Permanent

Tipo de empleo: Full - Time

Localización: Paris

País: France

Group GRC solution Manager (H/F)

At Global IT, Group Cybersecurity teams ensure that Cybersecurity risks are properly managed within digital transformation of L’Oréal Group.

At worldwide level, Cybersecurity teams:

  • Build L’Oréal Cybersecurity strategy in partnership with business strategy and promote it
  • Define Cybersecurity policies and procedures
  • Support business projects in terms of Cybersecurity and data protection
  • Manage Cybersecurity projects
  • Increase Cybersecurity culture
  • Manage Cybersecurity incidents and crisis
  • Control the level of maturity within the Group

Within GDPR context, L’Oréal has deployed Service Now GRC on a limited scope and usecase (Privacy in Europe). Now, L’Oréal wants to extend its use and have the whole Group operate on it.

Additionally, L’Oréal also uses Service Now for Operational Security management.

Within Group Cybersecurity teams, you will be in charge to:

  • Leverage Service Now GRC to its full capability
  • Deploy it at the global scale
  • Be application owner of the Security Service Now solutions

Within the Group Cybersecurity team, you will be the Group GRC solution Manager:

  • Propose a detailed roadmap of Service Now GRC functional enhancements and Global extension
  • Implement and follow-up this plan
  • Build and manage an operational run model for Service Now Security solutions (GRC and Secops)
  • Be application owner of the Security Service Now solutions (incident and demand management)



                    Master’s degree in Information Technology

Professional experience:

You have a successful experience of at least 5 years, split between Cybersecurity and Service Now GRC within a consultancy firm or a Fortune 500 company

Technical skills:

  • ServiceNow GRC first practical experience on a large company
  • Good Cybersecurity knowledge, preferably supported by a worldwide certification in the field (CISSP, CISM, ISO 27001 LI/LA…)
  • Knowledge of Cybersecurity frameworks (NIST, ISO 27001, …)
  • Experience in PowerBI is appreciated
  • Strong skills in Word, Excel and PowerPoint

Management skills:

  • Ability to manage consultancy teams (i.e. GRC baseline)
  • Ability to communicate complex ideas effectively, both verbally and in writing, in English and French with international stakeholders and with Cybersecurity stakeholders within the Group

Interpersonal skills:

  • Willingness to learn and develop new hard and soft skills
  • Ability to navigate within a fast-moving environment
  • Strong analytical skills
  • Ability to lead workshops
  • Fluency in English is essential

Position based at Clichy (92) with regular meetings within Paris area and rare business trip abroad.