Marcq-en-Barœul, France
Contract type
Permanent Contract
+10 years

Job description

Reporting to the Group CIO (Chief Information Officer), and working in close collaboration with senior management, the risk manager, the internal auditor, the physical security manager, Group and local IT teams, and technology partners, you will be in charge of defining, implementing and monitoring IT and OT security.

Your main activities will be to:

· Define and implement the IT security strategy, in collaboration with the corporate senior management of Regions / BUs / subsidiaries and the Group CIO

· Define the IT security roadmaps (e.g. IT security roadmap, OT security roadmap)

· Define and promote IT security governance through IT security committees, including KPIs and action plans

· Define and drive IT security policies, in cooperation with IT senior management (e.g. on-premise/cloud hosting sovereignty rules, backups/restore, user management, regular upgrades, patches, Single Sign-On, …)

· Define and drive OT security policies, in cooperation with DI senior management

· Define and maintain the IT security exemption plan (e.g. Segregation of Duties alternatives, …)

· Check the existence and quality of IT business continuity plans in Regions / BUs / subsidiaries, and validate that the necessary controls are properly performed (e.g. Disaster Recovery Plan, RTO, RPO, …)

· Supervise e-reputation monitoring from an IT point of view (domain names, social networks, …) for issues that can impact corporate image, in collaboration with the economic intelligence, marketing and communication departments

· Actively participate in the IT crisis unit in case of a cyber-attack (e.g. first to mitigate impacts, then to recover ASAP), and proactively build remediation plans

· Participate in IT risk analysis, in collaboration with the Group risk manager (e.g. risk mapping, cyber-attacks, fraud attempts, …)

· Participate in IT internal audits, in collaboration with the Group finance auditor (action at Group IT level on Group solutions, and delegation to local IT teams on local solutions), and perform IT security compliance checks (e.g. penetration tests, …)

· Participate in defining data sensitivity from an IT security point of view

· Participate in global IT projects to check IT security by design, and help Regions / BUs / subsidiaries implement the corresponding action plans

· Coordinate IT security communications between all stakeholders, and share important ones with senior management (e.g. in case of a cyber-attack, …)

· Organize IT security awareness campaigns for all employees, tailored to their activities (e.g. cyber-security month campaign, …)

· Ensure the IT/OT security maturity of administrators and external providers (e.g. assessment)

· Recommend IT security solutions to strengthen IT security (e.g. MFA, FIDO2, SOC, …)

· Define and maintain IT security contractual requirements for external partners (e.g. ISAE-3402 report required by auditors, ISO 27000, …)

· Perform IT regulatory watch on the technical expertise side and ensure proper application (e.g. US Cloud Act/Patriot Act, China cyber law, GDPR, …), in collaboration with the DPO

· Perform IT vulnerability watch on solutions available on the market (e.g. Petya, SolarWinds, …)

· Participate in IT security budget planning and follow-up (including reinvoicing to subsidiaries)



With a higher education degree in IT (Bac+5) and 10+ years' experience in information systems, you have significant experience in the IT security field, as well as in OT security, in an organization of a similar size to ours.

You are versatile and operational, able to deal with technical issues and assist your colleagues in their tasks. Practical experience in managing collaborative environments and associated security systems would be appreciated.

A good communicator, you are comfortable with various types of audiences (IS, Business, including top management). You are demanding and firm, but also diplomatic and pedagogical.

Your ability to work in a matrix organization and lean structures is essential.

Fluent English is essential, given the Group's well-established international dimension.

You will be required to travel to the Group's subsidiaries to provide on-site operational support when necessary.

Beyond your knowledge and know-how, your interpersonal skills, customer orientation, rigor, ability to work in project mode within a community of technical experts, responsiveness and mobility will contribute to your success.

Company description

A key global player in fermentation for more than a century, Lesaffre, with a turnover of 2.2 billion euros and a presence on all continents, has 10,700 employees of more than 85 nationalities. On the strength of this experience and diversity, we work with customers, partners and researchers to find ever more relevant answers to the needs of food, health, naturalness and respect for our environment. Thus, every day, we explore and reveal the infinite potential of microorganisms.

Nourishing 10 billion people in a healthy way in 2050 while making the most of our planet’s resources is a major and unprecedented issue. We believe that fermentation is one of the most promising answers to this challenge.

Lesaffre – Working together to better nourish and protect the planet