Cybersecurity Governance, Risk
il y a 5 heures
Cybersecurity Governance, Risk & Compliance (GRC) SpecialistJob Openings Cybersecurity Governance, Risk & Compliance (GRC) SpecialistAbout the job Cybersecurity Governance, Risk & Compliance (GRC) SpecialistCybersecurity Governance, Risk & Compliance (GRC) SpecialistPosition OverviewWe are seeking a Cybersecurity GRC Specialist to develop, implement, and manage comprehensive governance, risk, and compliance programs aligned with leading cybersecurity frameworks including NIST Cybersecurity Framework, ISO 27001/27002, MITRE ATT&CK, and CIS Controls to ensure organizational security posture and regulatory compliance.Key ResponsibilitiesFramework Implementation & ManagementImplement and maintain NIST Cybersecurity Framework across organizational functions (Identify, Protect, Detect, Respond, Recover)Develop ISO 27001/27002 Information Security Management System (ISMS) and manage certification processesMap organizational security controls to CIS Controls and ensure implementation across all critical security functionsIntegrate MITRE ATT&CK framework for threat modeling, risk assessment, and security control validationEstablish governance structures, policies, and procedures aligned with multiple cybersecurity standardsConduct comprehensive cybersecurity risk assessments and business impact analysesDevelop risk treatment plans including risk acceptance, mitigation, transfer, and avoidance strategiesMaintain enterprise risk registers and ensure regular risk review and update processesPerform gap analyses against security frameworks and develop remediation roadmapsCreate risk-based metrics and KPIs for executive reporting and board communicationsCompliance & Audit ManagementManage regulatory compliance programs including SOX, PCI-DSS, HIPAA, GDPR, and industry-specific requirementsCoordinate internal and external security audits and manage audit finding remediationDevelop compliance monitoring programs and automated compliance reporting capabilitiesMaintain evidence collection and documentation for compliance demonstrationsSupport vendor risk assessments and third-party security evaluationsPolicy & Governance DevelopmentDevelop comprehensive cybersecurity policies, standards, and procedures aligned with business objectivesEstablish security governance committees and risk management oversight structuresCreate security awareness training programs and ensure organization-wide policy complianceManage policy lifecycle including review, approval, communication, and periodic updatesCoordinate cross-functional collaboration for security program implementationRequired QualificationsTechnical Skills5+ years experience in cybersecurity governance, risk management, or compliance rolesExpert knowledge of NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, and MITRE ATT&CKStrong understanding of regulatory requirements (SOX, PCI-DSS, HIPAA, GDPR) and compliance methodologiesExperience with GRC platforms (ServiceNow GRC, RSA Archer, MetricStream) and risk management toolsKnowledge of security control frameworks and security architecture principlesProficiency in risk assessment methodologies and quantitative risk analysis techniquesGovernance SkillsProven experience developing and implementing enterprise security governance programsStrong understanding of business continuity, disaster recovery, and crisis managementExperience with vendor risk management and third-party security assessmentsKnowledge of board reporting and executive communication for cybersecurity topicsPreferred QualificationsBachelor's degree in Cybersecurity, Risk Management, Business Administration, or related fieldProfessional certifications (CISSP, CISA, CRISC, CISM, ISO 27001 Lead Auditor)Experience with cloud compliance frameworks (SOC 2, FedRAMP, CSA CCM)Background in internal audit or external consulting for cybersecurity assessmentsKnowledge of emerging regulations and privacy frameworks #J-18808-Ljbffr
-
Cybersecurity Governance Analyst
il y a 10 heures
Paris, France Pluxee Temps pleinCybersecurity Governance Analyst page is loaded## Cybersecurity Governance Analystremote type: Hybridlocations: Paris (Issy-les-Moulineaux)time type: Full timeposted on: Posted Todayjob requisition id: R3521Permanent RegularJob Description:Pluxee is a global player in employee benefits and engagement that operates in 31 countries. Pluxee helps...
-
Cybersecurity Risk Management Specialist
il y a 10 heures
Paris, France Blackfluo.ai Temps pleinCybersecurity Risk Management SpecialistAbout the job Cybersecurity Risk Management SpecialistCybersecurity Risk Management SpecialistPosition OverviewWe are seeking a Cybersecurity Risk Management Specialist to identify, assess, quantify, and manage enterprise cybersecurity risks through comprehensive risk management programs, advanced risk assessment...
-
GRC Cybersecurity Specialist — NIST/ISO 27001 Expert
il y a 5 heures
Paris, France Blackfluo.ai Temps pleinA cybersecurity solutions company based in France is seeking a Cybersecurity Governance, Risk & Compliance (GRC) Specialist. In this role, you will implement leading cybersecurity frameworks, manage compliance with regulatory standards, and develop comprehensive governance programs. The ideal candidate will have over 5 years of experience and expertise in...
-
GRC Cybersecurity Specialist
il y a 10 heures
Paris, France Pernod Ricard Temps pleinJoin to apply for the GRC Cybersecurity Specialist role at Pernod Ricard Direct message the job poster from Pernod Ricard About the Tech Team Embark on an exciting journey with our global Tech team, operating in agile mode within a dynamic product organization. Join a collaborative environment where innovation thrives, and your contributions will directly...
-
APAC Regional CISO: Lead Cybersecurity
il y a 10 heures
Paris, France SCOR UK Company Limited Temps pleinA global reinsurer is seeking a Regional Chief Information Security Officer for the APAC region. This role will serve as the primary security leader, ensuring adherence to security policies and local regulatory obligations. The ideal candidate will have over 10 years of experience in cybersecurity, including 5 years in a leadership role. Responsibilities...
-
GRC Cybersecurity Specialist
il y a 2 semaines
Paris, France Pernod Ricard Temps pleinABOUT THE TECH TEAM Embark on an exciting journey with our global Tech team operating in agile mode within a dynamic product organization. Join a collaborative environment where innovation thrives and your contributions will directly shape the trajectory of our cutting‑edge products. As a key player in our agile setup you’ll have the opportunity to drive...
-
GRC Cybersecurity Specialist
il y a 4 jours
Paris, Île-de-France Pernod Ricard Temps pleinABOUT THE TECH TEAMEmbark on an exciting journey with our global Tech team, operating in agile mode within a dynamic product organization. Join a collaborative environment where innovation thrives, and your contributions will directly shape the trajectory of our cutting-edge products. As a key player in our agile setup, you'll have the opportunity to drive...
-
GRC Cybersecurity Specialist
il y a 4 semaines
Paris, France Pernod Ricard Temps pleinABOUT THE TECH TEAMEmbark on an exciting journey with our global Tech team, operating in agile mode within a dynamic product organization. Join a collaborative environment where innovation thrives, and your contributions will directly shape the trajectory of our cutting-edge products. As a key player in our agile setup, you'll have the opportunity to...
-
Hybrid Senior Technical Writer: Cybersecurity
il y a 7 heures
Paris, France Gravity Conseil Temps pleinA leading consulting firm is seeking a Senior Technical Writer specializing in Cybersecurity, IT & GRC. This hybrid position requires at least 5 years of technical writing experience and a Bachelor's degree in a related field. The successful candidate will create clear documentation that supports cybersecurity and governance practices, collaborating with...
-
Hybrid Senior Technical Writer: Cybersecurity
il y a 8 heures
Paris, France Gravity Conseil Temps pleinA consulting firm is seeking a Senior Technical Writer specializing in cybersecurity to join their team. This hybrid role involves creating and maintaining high-quality documentation that supports cybersecurity and governance. Candidates should have over 5 years of experience in technical writing or business analysis, a relevant degree, and strong...
