
Information Security Officer
Posted 2 days ago

This is a fully remote position, open to applicants in France.
• Contribute to the upkeep and enhancement of the Information Security Management System (ISMS).
• Manage the operational tracking of compliance obligations (ISO 27001, SOC 2, GDPR, NIS2, etc.).
• Engage in document management, reporting, and coordination of information security initiatives.
• Assist the CISO in preparing for audits, client questionnaires, and external evaluations.
• Aid in maintaining the operational compliance of certifications like ISO 27001 and SOC 2.
• Contribute to both internal and external audit processes.
• Support the CISO with client security questionnaires and due diligence, ensuring the accuracy and traceability of the information provided.
• Monitor the compliance of key suppliers identified within the ISMS.
• Participate in the monitoring of regulations and standards (ISO, GDPR, NIS2, etc.) and adjust internal policies as needed.
• Assist in updating the information security risk map (identify threats, assess, and prioritize risks).
• Take part in tracking remediation plans, ensuring progress with pertinent teams.
• Help the CISO prepare regular reports on compliance status and associated risks.
• Create governance materials (security committees, dashboards).
• Participate in employee awareness programs (internal communications, guides, brief training sessions).
• Contribute to fostering a security culture throughout the organization.
• Compliance & regulation: solid understanding of standards and frameworks (ISO 27001, SOC 2, GDPR, CNIL, etc.).
• Knowledge of the functioning of an Information Security Management System.
• Risk management: fundamental understanding of analysis and methodologies (ISO 27005, EBIOS Risk Manager, etc.).
• Audit & internal control: capability to gather evidence, analyze discrepancies, and formulate action plans.
• Proficient spoken and written English.
• Degree in engineering, information security, risk management, digital law, or a related field.
• Familiarity with enterprise IT systems (cloud, SaaS, on-premise IT).
• Experience in an ISO 27001 or SOC 2 certification setting is advantageous.
• 2 to 4 years of experience in a similar position is preferred.
• Flexible remote work based on project requirements.
• Comprehensive Alan health insurance coverage.
• Meal vouchers applicable for meals or groceries.
• Commuter allowance for eco-friendly transportation.
• Employee savings plans (PEE & PERCO) to secure your financial future.
• Regular training opportunities to enhance your skills.
• “Dedocare” program focused on physical and mental wellness.
• Employee referral bonus to incentivize hiring through recommendations.
• Four major company events each year to foster team bonding.
• Collaborative and comfortable office environment (in addition to statutory benefits).