Reference : FRA15733

Application Security Officer

  • France Courbevoie
  • Permanent / Regular
  • Posting date : 02/01/2023

Position description

Within Group Digital & IT, ERP & Finance teams lead ERP solutions, projects and service delivery, roadmaps and the evolution of the Saint-Gobain ERP portfolio. This includes supply chain, transport, warehouse management, sales and finance applications.

As Application Security Officer, you are responsible for the Cybersecurity of services and platforms provided by ERP & Finance teams. Reporting to the Application Security Officers Team Manager, you are accountable for the implementation of cybersecurity strategy, operation and compliance on your perimeter (in alignment with Group IT and business Strategy). You are also one of the team leaders, with the responsibility to engage the team to achieve goals and act proactively to ensure smooth team operations and effective collaboration.

Within that context, you missions are to:

Secure the build

  • Support teams for the implementation of security into projects
  • Support business security officers on security topics related to ERP & Finance

Deliver security operation

  • Deliver continuous security compliance, including remediation and improvement plans, and periodical reporting
  • Raise the overall security knowledge of stakeholders through awareness and training
  • Ensure Cybersecurity incidents management and contribute to resolution of major incidents or crisis

Support Continuous Security Improvement

  • Define & implement a security strategy based on risks, threat landscape, technology evolution and Group IT strategy
  • Steer Cybersecurity projects in coordination with Group Digital & IT teams
  • Stir the group AppSec community
  • Lead security standardization by defining and sponsoring security rules and baselines


You have a higher education with a Master’s degree with a specialization in IT or Cybersecurity. You have more than 7 years of experience in the IS security field including a successful experience related to ERP security.

  • An international experience would be a plus
  • One (or more) security certifications would be a plus.

Technical skills:

  • Full proficiency on the security features of main ERP technologies (SAP, MS Dynamics, etc.)
  • Good knowledge of application security risks, associated modeling, and their mitigation
  • Knowledge of the security fundamentals of IS (network, hosting, OS, middleware)
  • Knowledge of risk analysis methodologies (EBIOS, etc.) and security into project

Personal skills:

  • Leadership
  • Teamwork (openness, relational)
  • Structure, analysis and synthesis
  • Good oral and written communication
  • Autonomy, source of proposals and initiative-taking


  • English
  • French