Remotery

GRC Security Engineer

Posted 3 days ago

This is a fully remote position, open to applicants in France.

📋 Description

• Take a pivotal role in DataDome's ISO 27001 initiative, managing daily execution across control maturity, evidence gathering, internal audits, and audit readiness.

• Support the ongoing maintenance of DataDome's SOC 2 Type II program, ensuring that controls, evidence, and follow-up actions remain on track.

• Ensure compliance efforts are practical, dependable, and scalable as the organization expands.

• Implement the risk management process in practice, which includes conducting risk assessments, organizing workshops, maintaining the risk register, developing treatment plans, and overseeing follow-ups.

• Collaborate with both technical and business stakeholders to systematically identify and evaluate risks in a meaningful way.

• Assist teams in transforming risk findings into clear, prioritized remediation actions.

• Manage third-party security evaluations for internal tools and vendors, encompassing onboarding assessments, reassessments, and follow-up actions.

• Verify that essential controls are effectively implemented across tools and processes, identify gaps or weak configurations, and ensure that remediation efforts are tracked and progressing with the appropriate teams.

• Oversee the security awareness initiative, which includes training, phishing simulations, and tracking effectiveness.

• Serve as a crucial security partner for Legal, HR, Finance, and Business Operations on issues related to people controls, data management, and process design.

• Support Sales on security matters when necessary, including crafting clear, accurate, and high-quality responses to security questionnaires and facilitating follow-up discussions during the sales process.

• Be adept at representing security during audits, which involves explaining how controls function, addressing auditor queries, and following up on findings.


⛳️ Requirements

• You have 7+ years of experience in a cybersecurity product company or an internet-scale SaaS environment.

• You have proven hands-on experience with ISO 27001 and grasp what it takes to successfully drive and sustain a certification program long-term.

• You are comfortable engaging directly with teams, comprehending how operations function in practice, identifying gaps, and advocating for enhancements that truly align with the workflow.

• You prioritize whether controls are genuine and effective, rather than merely documented.

• You are skilled at conducting structured risk assessments and facilitating discussions with both technical and non-technical stakeholders.

• You communicate clearly and confidently, both in writing and verbally, and you are proficient in both French and English.

• You possess the technical fluency to critically evaluate tools, systems, and processes, and to engage credibly with engineering teams regarding remediation efforts.

• You seek practical methods to simplify and automate repetitive GRC tasks, including leveraging AI when it provides real value.


🏝️ Benefits

• Flex Life: We provide remote, hybrid, and in-office options, with each position detailing the level of flexibility. Our Paris office is conveniently located next to the Opera Garnier. You will also receive a €500 stipend to help you create your ideal workspace if you work in a hybrid or remote capacity.

• For fully remote employees, we cover the SNCF discount card to make it easier to visit our office and connect with your team!

• Generous Health Benefits: We have partnered with Kenko to cater to your healthcare needs.

• An annual allowance of €100 is provided for a leisure activity of your choice in Sports or Culture.

• An annual allowance of €200 is available if you commute to the office by bike to assist with maintenance costs.

• Professional Development: #Weaimhigh is ingrained in our culture; hence, we have invested in an internal Learning and Development platform and offer opportunities to request further training and support through your manager.

• Events & Team Building: #We care and have fun! We organize various activities such as an Annual Company Offsite, Events, Drinks, Winter Parties, Lunch & Learns, and much more as part of our Culture.

• Parent Care: Gift and care packages for parents.

• PTO: Based on your country of residence (e.g., 25 days in France).
