Chief Information Security Officer

**Chief Information Security Officer**: **Ready to bring passion into your career ?** A global leading skincare and make-up company, Clarins is above all the embodiment of a committed family history, with a fierce passion for innovation and spirit of independence. Its raison d’être is "making life more beautiful, passing on a more beautiful planet". Operating in more than 150 pays, we are now the number one skincare company in Europe* and are accelerating our development on all other continents, particularly in Asia and the Americas. Because our 8,500 talents are unique, we are committed to promoting diversity in all its forms. Do you want to help write the next chapter of our story? **The role**: Reporting to the CISO Group and Regional IT Director, the Regional Security Manager will be responsible for implementing the Information System Security Policy defined by the CISO Group. In addition, he/she will play a role of support, information, advice and alerting management on IT security risks for all his interlocutors. He/she is in charge of implementation of security projects in coordination with the CISO Group and the Regional IT Director. He/she is responsible for the management, communication, budget and planning for which he is responsible. He/she must also find solutions to the problems inherent in project management while respecting the group's standards. He/She is also in charge in additional security in him/her region, to ensure this role for other regions when they are out of business hour. Scope: - Computer workstations / Servers - Active directory environment - Security environment : Firewall NextGen, Antivirus, EDR, Landesk Management Suite, Mobile Device Management Intune, AdminBastion, Proxy in the cloud - Office 365 **What you’ll do**: **1. Implementation of information systems security policies, tools and standards** - Ensure the implementation of the IS security policy defined by the Group - Technological watch on new domains and security systems including the DRP of the subsidiaries in the area - Respect and control the implementation of the ISSP group in the subsidiaries of the area - Analyze the risks related to information systems and suggest corrective measures - Present the necessary changes to maintain the best possible level of security - Provide advice and implementation of security with internal IS&T teams, business project managers but also subcontractors with whom it is in direct contact - Performs security audits, drafts and enforces the associated recommendations **2. Projects and maintenance in operational condition of security tools** - Contribute to guaranteeing the availability of the Clarins information system for its area and its subsidiaries, preserves its integrity and confidentiality and ensures the security of IT transactions - Continual training of local / regional teams - Manage the security projects assigned to him by the CISO group / Regional IT Director - Monitor progress and performance (quality, costs, time) - Ensure coordination between the different interlocutors (projects, infrastructures, 3rd party) - Ensures the production and quality of the published documents - Involvement and support for the security part of IT / business projects - Implement IT security methods and tools, and support their implementation with regional / local IT and users - Monitor and update security procedures - Facilitate the change management process impacting security - Write maintenance and safety operating procedures that will be shared with the Group, regional, local teams and service providers in compliance with group standards - Ensure the quality of operating documentation - Ensure system consistency and security - Contribute to the improvement of group standards and user best practices and implement them - Continually seek to improve the service provided by innovative, simple and state-of-the-art solutions validated by the CISO Group - Ensure a constant technological watch (security solution / methods of hackers) **3. Reporting and communication skills** - Monitoring and reporting on security to the CISO Group - Ensures regular reporting to the CISO Group and follows escalation and communication procedures within the group for major incidents - Maintains systems and services in top operational condition - Be the face of Cyber Security with users in the various business committees to support them in projects - Ensure the communication of new arrivals and annual campaigns - Ensuring communication during crisis management - Produce dashboards and update indicators to the CISO Group **You are**: - Adaptable and flexible - Analitic and synthetic - Rigorous and organized - Capable of risk identification and decision making - Fluent in both english and french **You have**: - Master Degree in IT management with advanced skills in systems and network and security system. - 5 years minimum of work experience in a similar function. - Strong analytical skills,