Security Governance Manager (GRC)

Формат работы

hybrid

Тип работы

fulltime

Грейд

middle/senior

Английский

Страна

France

Вакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:

TL;DR

Security Governance Manager (GRC): Leading the governance, risk, and compliance framework to ensure robust security posture and regulatory adherence with an accent on SOC 2 certification, vendor risk assessment, and policy implementation. Focus on building scalable security processes, supporting enterprise-grade business growth, and collaborating with engineering and legal teams to integrate security into the product lifecycle.

Location: Based in Paris, France (Hybrid model)

Company

hirify.global is a product company building an innovative platform to reshape the world of work.

What you will do

Drive the SOC 2 certification program including gap analysis, audit preparation, and remediation coordination.
Manage the risk register and conduct recurring risk assessments and third-party vendor reviews.
Coordinate security governance activities such as access reviews, internal audits, and vulnerability tracking.
Develop and maintain security policies and the internal security knowledge base.
Design and deliver security awareness training and contribute to the Security Committee.
Provide security expertise on regulatory compliance (GDPR, AI Act) and support customer security questionnaire responses.

Requirements

4 to 7 years of experience in GRC, information security, or IT audit.
Proven track record with SOC 2 Type II and other security certifications (ISO 27001).
In-depth knowledge of GDPR and data protection best practices.
Excellent English proficiency required (C1 level).
Action-oriented, autonomous, and comfortable leveraging AI tools for GRC tasks.

Nice to have

French language skills are a strong plus.
Experience working within a startup or scaleup environment.

Culture & Benefits

Flexible work environment with a hybrid policy (remote days allowed).
Opportunity to work on enterprise-grade security within a fast-paced environment.
Collaboration with cross-functional teams including Platform Engineering and Legal.
AI-first approach to security governance and risk management operations.

Hiring process

Phone screen with the VP of IT & Security.
Technical assessment (60 minutes).
Values interviews.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →