Banner Information Security Officer

Banner Information Security Officer

Location: Longpont-sur-Orge (91)

Our role is a senior cybersecurity leader who serves as the primary liaison between the IT Security Team and the business functions for assigned Banner/Group Functions. The role ensures that Kingfisher Group strategies align with business goals and operations.

Responsibilities

• Act as the primary liaison between the wider Security Function and the Banner, balancing business operations and security.
• Develop and maintain strong relationships with key Banner stakeholders to deliver security, acting as the Information Security SME and trusted advisor.
• Own and maintain the Cyber risk register for the Banner(s) or Group Functions areas, with regular reviews and reporting.
• Support the Banner in risk decision‑making and prioritisation of activities.
• Ensure all projects/solutions are delivered “Secure by Design”, raising risks to manage and track progress of controls weaknesses.
• Lead the response between Group Technology and the Banner for security incidents and breaches and participate in the Cyber Security Incident Response Team (CSIRT) when appropriate.
• Educate stakeholders on cybersecurity‑related matters to promote a culture of security within the Banner and conduct awareness sessions and presentations for Banner colleagues.
• Ensure identified supplier risks are managed by the appropriate owner and are recorded and tracked.
• Provide detailed, accurate and timely reports to senior management, including metrics and the status of ongoing initiatives (e.g., Phishing simulations, Threat Intelligence, Security, Risks).
• Align the Cyber Security strategy, frameworks, policies and standards with business goals, feeding back into Information Security and GRC.
• Lead or conduct reviews of Banner systems, applications, platforms and processes against Group Frameworks, Policies & Standards to identify, document and report controls weaknesses and track risks.
• Escalate and report to key Banner stakeholders where vulnerability remediation activities are not being progressed or are overdue against Group Framework guidance.
• Participate in Banner planning and roadmap sessions to embed security into planning from the start.

Qualifications

• 5+ years proven professional experience in Information Security or closely related field.
• Proven experience in leadership or managerial roles within IT or Cyber Security teams.
• Breadth and depth of knowledge of common standards such as ISO 27001, NIST, OWASP, PCI, NIS2, etc.
• Excellent written and verbal communication skills, with the ability to convey complex technical issues to diverse audiences.
• Strong understanding of the business relevance of information security risks and current trends and developments.
• Robust decision‑making capabilities, weighing costs/benefits and identifying the most appropriate actions.
• Strong organisational, prioritisation and rationalisation skills.
• Ability to interface with stakeholders at all levels and gain their respect.
• Energetic self‑starter with strong interpersonal skills and a sense of urgency.
• Commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
• Team‑oriented, recognising the value of a positive team environment.

Benefits

• Health Care and Life Insurance – Mutuelle with 60-70% paid by Kingfisher.
• Incentives – Participation and intéressement bonus, saving plan with employer contribution.
• RTT – Additional days off (cadre 14 RTT, agent de maîtrise 9 RTT) on top of legal leave.
• Staff Discount – Discount at Castorama stores and free customer card after 3 months service.
• Hybrid working – Depending on conditions.
• Lunch voucher – 7 euros, Kingfisher pays 50% after 3 months service.
• Annual performance bonus aligned with work level.
• Transport discount – 60% contribution to public transport costs.

We are an equal opportunity employer and welcome applications from people of all backgrounds. All colleagues, future colleagues, and applicants are treated equally regardless of age, gender, marital or civil partnership status, colour, ethnic or national origin, culture, religious belief, philosophical belief, political opinion, disability, gender identity, gender expression or sexual orientation.