Senior Security

What You’ll Do: Joining the Trust & Compliance team means stepping into the engine room of security strategy at a fast‑moving tech company. A front‑row seat to how security drives innovation in a data and AI‑driven company. A strong cross‑functional culture: you’ll work with security engineers, architects, product managers, legal, compliance, and ops. A real project ownership opportunity—not just tracking tasks, but designing how compliance happens at scale. The freedom to propose, improve, and automate— we value people who bring structure and clarity, then move fast to deliver. Senior Security & Compliance Project Manager – Overview: As a Senior Security & Compliance Project Manager, you will drive key security and compliance initiatives across Criteo. Your role is transversal and strategic: identifying and qualifying risks, defining priorities, aligning stakeholders, and ensuring consistent execution—from vision to delivery. You might also own topics such as writing standards/policies, risk management, third‑party risk management, ISO27001, SOC2, SOX, and other team initiatives. Key Responsibilities: Lead strategic security GRC programs. Manage risks. Define and structure security compliance projects (ISO27001, SOC2, NIST, internal control plans). Turn strategy into actionable roadmaps and clear milestones. Lead end‑to‑end project delivery across multiple teams (Security, Engineering, Infrastructure, Physical Sites, Legal, etc.). Facilitate and energize collaborative workshops and steering committees. Be a trusted partner for technical teams. Bridge the gap between compliance and engineering—technical knowledge and security expertise are key. Coordinate audit activities, from preparation to closure (internal and external). Review technical designs to ensure alignment with security best practices. Drive the Security Audit Lifecycle: Plan and lead major security audits and assessments (SOC2, ISO27001, NIST). Drive evidence collection in collaboration with all involved stakeholders. Orchestrate and follow‑up the remediation of findings. Contribute to the team’s transversal missions. Participate in SOX legal audit, third‑party risk management, client security questionnaires, and due diligence. Support the creation of clear, structured, and actionable security documentation (policies, standards). Write security GRC documentation (Information security policies, Technical security standards using technical knowledge). Who You Are: Educational Background: Master’s degree in Information Security, Computer Science, or a related field. Additional certifications in security governance or compliance frameworks (e.g., ISO27001 Lead Auditor/Implementer, CISA, CISSP, or similar) are highly valued. Continuous professional development in areas such as risk management, audit methodologies, and regulatory compliance. Skills and Experience: Experience in security GRC, compliance, or risk management. Comfortable working with engineering teams, with a passion for it; understands authentication, encryption, access control, threat modeling, and can communicate with engineers. Ability to structure and lead complex, multi‑team projects in a fast‑paced, agile environment. Soft Skills: Autonomous, resourceful, and driven by impact—handling ambiguity. Strong communicator: simplifies complexity, aligns stakeholders, keeps momentum. Solution‑oriented, action‑driven mindset—identifying and sharing solutions, implementing the best one, documenting to prevent recurrence, and automating where possible. Fluent English; French is a plus but not mandatory. We acknowledge that many candidates may not meet every single role requirement listed above. If your experience looks a little different from our requirements but you believe you can still bring value to the role, we’d love to see your application Who We Are: Criteo is a leader in commerce media, helping brands, agencies, and publishers create meaningful consumer connections through AI‑powered advertising solutions. We’re shaping a more open and sustainable digital future for advertising. We foster a workplace where everyone is valued, and employment decisions are based solely on skills, qualifications, and business needs—never on non‑job‑related factors or legally protected characteristics. What We Offer: 🏢 Ways of working – Our hybrid model blends home with in‑office experiences, making space for both. 📈 Grow with us – Learning, mentorship & career development programs. 💪 Your wellbeing matters – Health benefits, wellness perks & mental health support. 🤝 A team that cares – Diverse, inclusive, and globally connected. 💸 Fair pay & perks – Attractive salary, with performance‑based rewards and family‑friendly policies, plus equity potential depending on role and level. Additional benefits may vary depending on the country where you work and the nature of your employment with Criteo. #J-18808-Ljbffr