Governance, Risk and Compliance
Company Description
Re:Sources is the backbone of Publicis Groupe, the world's third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 5,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare, and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury, and risk management to help Publicis Groupe agencies do their best: create and innovate for their clients.
In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications, and tools to enhance productivity, encourage collaboration, and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients.
Overview
This position is an active member of the Global Security Office (GSO), the security organization of Publicis Groupe under Re:Sources, responsible for supporting supplier security risk management activities globally. This position supports the security requirements of Publicis Groupe and its agencies, and ensures the success of the business by working collaboratively with internal and external stakeholders. This position also coordinates dependencies across disciplines and the organization to understand and address the ever-changing supplier security landscape and security-related business requirements. This position reports to the Manager/Team Lead, Information Security.
The responsibilities associated with the position are as follows:
- Work as an individual contributor in the global team to support the global supplier security risk management program
- Perform review of supplier contracts, security agreements and data processing agreements, and help align the contract with Groupe security policies and standards
- Perform supplier security risk assessments (SSRA) for suppliers
- Interface with key stakeholders from procurement, vendor management, business units and the data privacy team
- Actively manage supplier risk records, drive risk mitigations and management reporting
- Participate in the supplier RFP process by reviewing supplier security controls and related documentation
- Actively coordinate with global supplier points of contact to address escalations, issues and risks
- Advise business or operational teams on supplier security issues and risks, and coordinate the implementation of security controls, if required
- Maintain awareness of the current industry environment that shapes opportunities for client solutions (e.g. news events, trends, mergers, etc.)
- Participate in different security projects and assessments, as per management directions.
ESSENTIAL JOB REQUIREMENTS:
- Supplier security risk assessments, supplier contract reviews and supplier RFP reviews
- Coordinate with different stakeholders for risk mitigation and updates
- Maintain a support role in guiding other teams on supplier security issues
- Demonstrate communication skills regarding essential security risk and compliance concepts, processes, and procedures and their impact on IT and business processes.
- Demonstrate interpersonal, presentation, and relationship skills required for supporting the internal and external customers.
- Mandatory language skills (oral, written and listening): English
Responsibilities
Experience
- At least 3 years of IT and/or information security-related experience, including experience in implementing and supporting a supplier security program based on ISO 27001 or any other well-known security standard or framework
- Familiarity with general information security controls, processes and principles
- Experience in managing or assessing cyber security controls, with knowledge of cloud solutions preferred
- Experience in working for an ISMS (ISO 27001) implementation and maintenance program
- Exposure to other standards like SOC 1, SOC 2, SSAE 3402, NIST CSF
Core Competencies
- Teamwork
- Communication
- Results Driven
- Customer Focus
- Relationships
- Adaptability to Change
- Continuous Improvement
Technical Competencies
- Security Audits and assessments
- Security Risk Assessments including TPRM
- Security Documentation
- Knowledge of eGRC Solution (such as OneTrust, Archer, etc.)
Qualifications
Education & Certifications
- Degree from an accredited university, preferably in Computer Science, Information Systems, or a related field; relevant working IT or security experience considered. Education and experience should also include auditing and/or operational risk management.
- Security certification such as CISA, CISM or CRISC strongly preferred
Additional Information
OTHER JOB REQUIREMENTS:
- Good communication and presentation skills
- Ability to work effectively and collaboratively with stakeholders.
- Willingness to work with geographically dispersed teams; this may occasionally involve working during non-business hours to accommodate time-zone differences.
- Travel: This position will periodically require visiting the office, especially during internal and external audits.
Employment Type: FULL_TIME