Senior GRC Security Engineer

New
D
DataDomeCybersecurity SaaS
Location: France - RemoteFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Languages
French and English
Experience
7+ years
Required Skills
Risk Management

Requirements

  • 7+ years of experience in a cybersecurity product company or internet-scale SaaS environment.
  • Demonstrated hands-on experience with ISO 27001 certification and maintenance.
  • Ability to work comfortably in both French and English (written and spoken).
  • Experience facilitating risk assessments with technical and non-technical stakeholders.
  • Technical fluency to assess systems, processes, and tools with a critical eye.
  • Proven ability to build and automate GRC workflows and repetitive tasks.
  • Familiarity with SOC 2 Type II and third-party risk management.
  • Knowledge of GRC automation platforms such as Vanta.
  • Awareness of AI governance topics or security implications of AI tooling.

Responsibilities

  • Drive day-to-day execution of the ISO 27001 program including control maturity and internal audits.
  • Maintain the SOC 2 Type II program by ensuring controls and evidence collection stay on track.
  • Conduct risk management processes including risk assessments, register maintenance, and treatment plans.
  • Perform third-party security reviews and onboarding assessments for internal tools and vendors.
  • Lead the security awareness program including training and phishing simulations.
  • Partner with Legal, HR, Finance, and Business Operations on data handling and security topics.
  • Support the Sales team by answering security questionnaires and representing security during audits.
  • Build and own a tooling and workflow engine to automate GRC activities.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now