Senior GRC / ISO 27001 Program Lead
France
Contract
3 weeks ago
No Sponsorship
Key skills
Cyber SecurityAISaaSCollaboration
About this role
Role Overview
- Take direct ownership of the ISO 27001 certification program
- Design and execute the roadmap end-to-end
- Define and own the certification roadmap: milestones, deliverables, dependencies
- Build and operate the Information Security Management System (ISMS)
- Manage the full audit cycle
- Conduct and maintain risk assessments on critical assets
- Analyze risks related to AI agents deployed within the company
- Implement permanent controls and the ISMS internal audit program
- Run recurring operational tasks in direct collaboration with application and system owners
- Engage the company and collaborate cross-functionally
- Leverage AI to drive efficiency
Requirements
- Minimum 8 to 12 years in cybersecurity / GRC
- Significant experience leading an ISO 27001 certification end-to-end
- Experience in international environments, ideally SaaS, AdTech, media or data-driven companies
- In-depth mastery of ISO 27001 / 27002 and the ISMS
- Operational mastery of at least one risk analysis methodology (EBIOS RM or ISO 27005)
- Fluent in French and English, both written and spoken
Tech Stack
- Cyber Security
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development