- Company Name
- Memority
- Job Title
- Cybersecurity GRC Engineer
- Job Description
**Job Title**
Cybersecurity GRC Engineer
**Role Summary**
Collaborate with the Chief Information Security Officer (CISO) to develop, implement, and maintain governance, risk, and compliance (GRC) initiatives across the organization’s SaaS security platform. Focus on policy development, risk assessment, incident response, and certification upkeep, while coordinating with internal and client‑facing security teams in an agile environment.
**Expectations**
- Proactive ownership of GRC projects, ensuring alignment with business objectives and regulatory requirements.
- Effective communication with stakeholders, including executive management, security teams, and client operations.
- Continuous improvement of security processes, tools, and documentation.
**Key Responsibilities**
1. Define acceptable risk limits and security objectives.
2. Draft, review, and update security policies and procedures.
3. Lead and support ISO 27001, ISO 27701, SOC 2 Type 2, EUCS, AirCyber, and other certification activities.
4. Conduct risk analyses and provide mitigation recommendations.
5. Monitor, audit, and control the IT environment, including SOC operations.
6. Manage security tools, conduct PoC studies, and drive tool industrialization.
7. Coordinate incident and anomaly handling, data‑leak prevention, and crisis exercises.
8. Facilitate the successful deployment of the platform to clients.
9. Deliver ongoing security awareness training for new hires and staff.
**Required Skills**
- Strong grasp of GRC concepts (policy, risk, compliance, audit).
- Experience with ISO 27001/ISO 27701, SOC 2, EUCS, AirCyber or similar frameworks.
- Proficiency in risk assessment methodologies and incident response procedures.
- Familiarity with SOC operations and security tooling.
- Ability to develop and manage PoCs, and to scale security solutions.
- Excellent written and verbal communication skills.
- Agile, DevSecOps mindset for cross‑functional project delivery.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or related field.
- Certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer, or equivalent preferred.