Security Specialist (GRC)

TL;DR

Security Specialist (GRC): Maintaining and developing cybersecurity policies and standards for a global gaming leader with an accent on regulatory compliance and risk assessment. Focus on creating new security policies, ensuring consistency, and supporting information security compliance programs.

Location: Office-based in Paris, France (Saint Mandé).

Company

hirify.global is a global leader in gaming creating original and memorable gaming experiences.

What you will do

• Assess gaps in existing cybersecurity policies and standards.
• Collaborate with security architects and subject-matter experts to create and refine cybersecurity policies.
• Maintain a document repository for cybersecurity materials.
• Ensure consistency across various security policies, standards, procedures, and guidelines.
• Support hirify.global's information security compliance program.
• Participate in external audit preparation and response efforts.

Requirements

• Significant experience as a cybersecurity consultant or security analyst, preferably with GRC specialization.
• Prior experience crafting cybersecurity policies and procedures.
• Good understanding of IT systems and security fundamentals.
• Knowledge of major European privacy and cybersecurity laws and regulations (RGPD, NIS2, CRA).
• Knowledge of at least one global security framework (such as ISO 27001, NIST CSF, NIST 800-53, or CIS Controls standards).
• Fluent English.

Nice to have

• Prior experience in auditing organizational and/or technical security measures.
• Prior experience with a GRC tool.
• Prior experience in designing or implementing an IAM program.
• Holding a CISM, CISSP, CISA or ISO27001 Implementer/Auditor certification.

Culture & Benefits

• Profit sharing and yearly company saving plan.
• 25 paid time off + 12 additional paid days off.
• 50% of your Navigo pass is paid by the company, lunch vouchers (9€/day).
• Healthcare for you and your family.
• Office is located in Saint Mandé, with a gym available in the building.