Senior GRC Security Engineer
New
D
DataDomeCybersecurity SaaS
Location: France - RemoteFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Languages
- French and English
- Experience
- 7+ years
- Required Skills
- Risk Management
Requirements
- 7+ years of experience in a cybersecurity product company or internet-scale SaaS environment.
- Demonstrated hands-on experience with ISO 27001 certification and maintenance.
- Ability to work comfortably in both French and English (written and spoken).
- Experience facilitating risk assessments with technical and non-technical stakeholders.
- Technical fluency to assess systems, processes, and tools with a critical eye.
- Proven ability to build and automate GRC workflows and repetitive tasks.
- Familiarity with SOC 2 Type II and third-party risk management.
- Knowledge of GRC automation platforms such as Vanta.
- Awareness of AI governance topics or security implications of AI tooling.
Responsibilities
- Drive day-to-day execution of the ISO 27001 program including control maturity and internal audits.
- Maintain the SOC 2 Type II program by ensuring controls and evidence collection stay on track.
- Conduct risk management processes including risk assessments, register maintenance, and treatment plans.
- Perform third-party security reviews and onboarding assessments for internal tools and vendors.
- Lead the security awareness program including training and phishing simulations.
- Partner with Legal, HR, Finance, and Business Operations on data handling and security topics.
- Support the Sales team by answering security questionnaires and representing security during audits.
- Build and own a tooling and workflow engine to automate GRC activities.
View Full Description & ApplyYou'll be redirected to the employer's site