As Sephora is a retail and online company, the cybersecurity manager plays a crucial role in protecting the organization’s tech and digital assets, customers, and employee data. The cybersecurity manager must be comfortable with the 5 C's of cybersecurity (Change, Continuity, Cost, Compliance, and Coverage) and know how to put all of them into practice in an ever-evolving digital and tech realm where securing assets against threats has become paramount.
Cybersecurity Policy and Best Practices Enforcement: Implementing security policies and procedures to protect sensitive data, ensuring compliance with the LVMH security footprint and process.
Incident Response: Assisting EME and Global teams in managing an incident response plan to address security breaches or attacks directly targeting the region or local partners, including detection, containment, eradication, and recovery processes.
Employee Cybersecurity Awareness: Enforcing EME and Global awareness and learning initiatives to promote cybersecurity culture. Promoting best practices and safe handling of customer data, and coordinating phishing campaigns, to promote a security-aware culture.
Monitoring and Reporting: Collaborating with regional teams on monitoring systems for suspicious activity and on reporting to assess the effectiveness of security measures.
Collaboration with IT Teams: Working closely with IT development teams to ensure that security is integrated into all systems and processes, including software development, vulnerability management and network architecture.
Vendor Management: Evaluating third-party vendors for security compliance, especially if they handle sensitive customer data or have access to internal systems.
Regulatory Compliance: Ensuring that the company adheres to laws and regulations governing data protection and cybersecurity, such as GDPR or CCPA.
Payment Security: Collaborating with EME and Global teams on the security of payment methods and related partners, ensuring compliance with industry standards such as PCI-DSS (EFT and credit card payment).
Technology Implementation: Overseeing the deployment of security technologies (like firewalls, intrusion detection systems, encryption, and anonymization) to protect the company's assets.
Close collaboration with internal control teams on DRP topics, ensuring hand-in-hand work on the below.
Close collaboration with the legal team on GDPR, local data protection laws and data privacy topics in general.
In summary, the IT cybersecurity manager will ensure that both retail and online projects, solutions and operations are secure, helping to build customer trust and protect the organization from potential threats, according to LVMH and Sephora EME and Global tech team
You have a proven track record and skills as a cybersecurity professional in an international and multicultural environment.
Have a cybersecurity mindset.
Have advanced knowledge of Information Security technologies, best practices and international standards,
Have advanced knowledge of Risk Management and international standards,
Have a global understanding of Retail and distribution activities, related processes, and IT ecosystems.
You’re able to understand how they work together. You’re able to get the big picture and a global understanding of the project to which you contribute, as well as operationally support, implement, and coordinate activities,
Be a self-starter, with the ability to take a topic and drive it to deliver business value,
Have proven analytical, evaluative, and business-oriented skills,
Have the capability to work as a reliable IT business partner, rather than just a technical support function and delight our end-users,
Be endowed with very strong general IT knowledge and high competence in systems, security, and network,
Be “hands-on”, with the ability to operationally contribute to the success of the projects,
Be problem-solving oriented,
Experience working in complex IT environments, and able to prioritize and plan complex work in a rapidly changing context, with a good level of project management expertise,
Experience managing multiple vendors and projects simultaneously to deliver quality outcomes for internal stakeholders, across varied domains and geographical locations (GCC),
Extensive experience working in a team-oriented, collaborative environment,
Communicate effectively with various stakeholders at EME and Global level, including IT and business,
Be “end-user” and “service quality” oriented,
Be comfortable with a matrix organization,
Have more than 10 years’ experience (including at least 3 years in an omni retail company),
Have a master’s degree in computer science or equivalent.
CISSP, ISO 27001, ISO 27005, CRISC or CISM certification is not mandatory but will be greatly appreciated.
Arabic and French are a real plus.