3h ago
Senior Security Analyst - GRC
Massy, France
full-timeseniorCloud-based procurement solutions
Tech Stack
Description
You will join the InfoSec team to build, maintain, and improve our Information Security program, providing assurance to customers. You will lead compliance initiatives, manage security audits and risk assessments, and translate security requirements into actionable guidance for engineering teams.
Requirements
- At least 4 years of experience as Security Analyst GRC
- Strong knowledge of security, risk, and compliance frameworks (NIST CSF 800-53, ISO 27001, SOC, HITRUST, HIPAA, PCI-DSS, GDPR)
- Direct experience managing audits, self-assessments, or risk assessments against InfoSec frameworks
- Experience performing or supporting security risk management processes
- Good understanding of cloud platforms (Azure, AWS, GCP) and security architecture
Responsibilities
- Lead compliance initiatives across SOC 1/2, ISO 27001, IRAP, PCI-DSS, SecNumCloud, Cyber Essentials Plus, BSI C5, NIST 800-53
- Evaluate technical controls across the technology stack and translate security requirements into actionable guidance
- Drive customer security audits, security questionnaires, and contract reviews for EMEA region
- Participate in negotiation and review of French contracts to ensure security and compliance obligations
- Lead or support internal and third-party security risk management processes including risk identification, analysis, and monitoring
0 views 0 saves 0 applications