🛠 Tech Stack

💼 About This Role

You'll lead GRC strategy and operations for a fast-growing fintech scale-up, bridging regulatory excellence with operational agility. Reporting to the CISO, you'll manage ISO 27001, PCI-DSS, and SOC2 certifications while overseeing IT risk management and third-party frameworks. You'll collaborate with international teams in France and Brazil to ensure security scales with growth.

🎯 What You'll Do

• Lead Information Security Risk Assessments and IT risk management
• Maintain ISO 27001, PCI-DSS, and implement SOC2 certifications
• Design and execute Third Party Risk Management (TPRM) under DORA
• Coordinate annual Disaster Recovery tests and Business Impact Analysis

📋 Requirements

• 5+ years experience in GRC, IT Audit, or Cybersecurity Governance
• Familiarity with Cloud Security environments (AWS) and ITGC basics
• Hands-on mindset building processes, not just documenting
• Fluent in French and English for France & Brazil collaboration

✨ Nice to Have

• Scale-up background
• Experience with regulatory reporting for financial authorities (ACPR, Banque de France)

🎁 Benefits & Perks

• ☀️ Work in sunny Montpellier with relocation support
• 📈 Professional development and career growth opportunities
• 🤝 Collaborative environment with talented engineers
• 💰 Competitive salary and benefits package