Description:
Leroy Merlin is recruiting a Cybersecurity Analyst - Governance, Risk and Compliance
About the Job: At LEROY MERLIN, we put people at the heart of every decision with a customer & human-first approach. We grow through an ecosystem that connects employees, customers, partners, and suppliers to create positive impact. We foster a unique team spirit across the 20+ countries where we operate as part of the ADEO group. The environment is relaxed and informal, where everyone is treated equally. Diversity, Inclusion, and Equity are core values for us. We believe that recognizing and celebrating differences brings greater value to our stakeholders. Innovation drives us, and we easily adapt to new tools in a collaborative, agile, and data-driven culture. With a flexible work policy, we emphasize autonomy, accountability, and personal growth. At LEROY MERLIN, we are all leaders of our own learning and development.
Workday:
- Identify, assess, and monitor cybersecurity and compliance risks;
- Ensure the implementation and compliance with applicable standards and regulations (e.g., GDPR, ISO 27001, NIST CSF, NIS2);
- Support internal and external audits, ensuring proper preparation and response to security findings;
- Develop and maintain GRC (Governance, Risk, and Compliance) policies, standards, and frameworks aligned with market best practices;
- Collaborate with internal teams to ensure the effective implementation of security controls;
- Conduct periodic assessments and reviews for continuous improvement of security practices;
- Define and track KPIs and metrics related to risk and compliance;
- Prepare reports for management on security status and identified risks;
- Participate in the definition and execution of security incident response plans;
- Develop and promote security and compliance awareness programs for employees;
- Promote best practices and secure behaviors within the organization;
- Act as a strategic partner to IT, Legal, and Business teams in risk and compliance management;
- Provide support in evaluating risks associated with suppliers and third parties.
Requirements:
- Bachelor's degree in Information Technology, Management Informatics (or similar fields), ISO 27001, NIST, or Certified Ethical Hacker (CEH);
- 2 to 4 years of professional experience in cybersecurity (GRC focus), information security, or digital risk management;
- Knowledge of security policies, risk management, and frameworks (ISO 27001, NIST, GDPR);
- Ability to work autonomously and make decisions;
- Proactivity and a strong sense of responsibility;
- Excellent communication, influence, and information management skills;
- Advanced level of spoken and written English.
- HR Screening;
- Technical Interview and Discussion.
- Integration into a multinational company with a competitive salary and variable compensation, adjusted to your experience and qualifications;
- Benefits and partnerships with over 200 brands;
- Initial training for company and role integration;
- Well-being policies, including the possibility of 30 days of annual leave;
- Employee referral program with incentives for each recommended candidate who joins the team;
- Flexible work policy with a hybrid work model;
- Food benefits, including complimentary soup, fresh fruit, bread, butter, cereals, milk, and yogurt;
- 10% discount at Leroy Merlin stores;
- Health and life insurance;
- Access to the Coursera platform;
- Opportunity for certifications in different fields;
- 1 day of corporate volunteering.