04 ene
L'Oréal
Tláhuac
**WANT TO KNOW MORE ABOUT OUR BIG TECH TRANSFORMATION?**
L’Oréal is present in 130 countries on five continents. For more than a century, L’Oréal has devoted itself solely to one business: beauty; it is now the industry world leader with €29 billion consolidated sales.
Today, L’Oréal includes **1700 tech positions** and it’s constantly growing. Especially with our ambition to become the **#1 BeautyTech company**, meaning inventing the beauty of the future while becoming the company of the future.
BeautyTech will equip the Group with the key assets it needs to conquer this new world, where Tech has become strategic.
To achieve this ambition, L’Oréal needs to continue recruiting **diverse**, **innovative,
skilled** and **passionate** minds in different tech domains such as Data, Digital, Cloud, Cyber Security, IT Architecture, DevOps, Applications and Infrastructure.
**HOLD ON, WHERE ARE OUR MANNERS?**
**WE HAVEN’T PRESENTED OUR TEAM!**
L’Oréal is in a period of growth and transformation in data and is building dynamic and multidisciplinary teams from different backgrounds to deliver on our exciting mission to accelerate the company’s Beauty Tech transformation.
We are seeking a highly skilled and experienced **_Cybersecurity Engineer _**to join our team
**INTERESTED?**
**THIS IS WHAT YOU WILL DO IN NUTSHELL!**
- Responsible for corporate cybersecurity tasks and projects, including development and management of security strategies, policies, and disaster recovery procedures for private and public cloud infrastructures, network and security operation centers, datacenters, networks, and remote sites.
- Specialize in information security procedures and processes design, security assurance and risk analysis,
network vulnerability assessment, penetration testing, incident handling and response management.
- Design security solutions protecting business from external and internal malicious intrusions including leaks of confidential information, cyber-theft of intellectual property: patents, copyrights, and trademarks, and business interruption: denial of service, loss of service availability, intrusions, and malicious code infections.
- Provide custom solutions architecture, security engineering services, IP network designs, network implementations, project management, and capacity planning for large network and security projects.
- Practical knowledge of standards: NIST, PCI-DSS, ISO, OWASP, SOC, GDPR, CCPA, SDLC
**THIS IS WHAT YOU WILL NEED TO SUCCEED!**
We love people that are curious, collaborative, eager to have an impact and who value innovation, autonomy, and team spirit. You value code simplicity, performance, and details.
**Requirements**:
**Desired Education or Equivalent Experience**
- Degree in Computer Science, Information Security, Data Science, Software Engineering
- One or more professional security certifications: Security+, CySA+, ECSA, Google PCSE, AWS CSS, AZ-500, CCSP, SSCP, CISSP
**Practical (hands-on) Knowledge of Technologies, Protocols, and Cloud Platforms**:
- AWS: VPC, SG, NACL, Security Hub, Trusted Advisor, Shield, Inspector, KMS, SSE, GuardDuty
- Azure: VNET, NSG, ASG, AD IAM, SQL Encryption, Key Vault, Application Gateway, Security Center
- GCP: Security Command Center, VPC Service Control,
Cloud Armor
- Proxies / Firewalls / Gateways: Zscaler, PaloAlto, Fortinet, Apigee, CA Layer7
- Analyzers/Scanners: AlgoSec, FireEye, Tufin, Splunk, Rapid7, Nessus, Snort, Netcat, Netmap
- Infrastructure: SDWAN, Meraki, IPSec, TLS/SSL, Cisco ISE, REST API
- Authentication: CyberArk, SSO, MFA, SAML, OAuth, OIDC, PKI (CA),
- Data Protection: CrowdStrike EDR/CWPP, Microsoft Purview Data Loss Prevention
- Must prove understanding of architecture design and common security vulnerabilities.
- A commitment to the crucial concept of promoting security as an enabler and not an inhibitor of business.
- Contribute to building enterprise architecture management, governance, and compliance programs.
- Strong organization, prioritization, rationalization, and analytics skills
- An ability to cultivate and build collaborative working relationships with a broad range of enterprise stakeholders.
- A well-developed understanding of business needs and a commitment to leading the information risk management team in delivering high-quality, prompt, and efficient service to the business.
- A well-developed understanding of and appreciation for organizational mission, values, and goals and consistent architecture of this knowledge.
- An ability to communicate complex and technical issues to diverse audiences.
- Deep and thorough knowledge of advanced enterprise level architecture security standards, techniques, and tools.
- Ability to assess code security vulnerabilities,
implement security measure and mitigating controls.
**WAIT, THERE IS MORE! LET US GIVE YOU 4 OTHER REASONS TO JOIN US!**
**Joining L'Oréal means joining a company that**:
- Invests in Tech and positions its Tech
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.