Cyber Risk and Compliance Engineer

Lucca is getting global For this job, the level required in English is C1 (making presentations).Cyber Risk and Compliance EngineerLocationFull remoteSalary€97,500 - €130,000 a yearDescriptionBac + 54 years minimum of experience requiredFrance (Paris, Nantes, or Marseille), full remote possible.Lucca is a rapidly growing SaaS publisher of human resource management software. We are a product and tech-oriented company, composed of passionate team members.Job DescriptionYour team and the Lucca context:As a Cyber Risk and Compliance Engineer, you will work with all Lucca teams (a very transversal role). You will join a dedicated security team made up of our CISO (Raphaël), our RSMSI (Anne-Flore), and two operational security experts forming a Purple Team.Lucca has been ISO 27001 certified since 2022 and has a strong internal technological maturity, allowing us to perform more than twenty deployments per day and to evolve our security very agilely.The sustained growth of Lucca translates into an increase in the number of projects and initiatives across all teams, and the need for security support for these initiatives.Your main mission:Today, we need experienced skills with this dual cyber and risk profile to support team growth in the face of our sustained scaling challenges.You will be at the heart of numerous projects aimed at improving, challenging, and evolving Lucca's security posture. This includes optimizing internal practices and tools, technology and cyber monitoring, with a resolutely security-by-design and automation-oriented approach.Your scope of action will be global, and you will be required to interact with all teams.Your role:* Risk Analysis: Conduct technical and in-depth risk analyses and develop strategic mitigation plans to strengthen our security posture, both internally (our projects, our processes, our IS) and externally (our partners, our suppliers).* Security Integration in Projects: Advise and challenge projects on the security measures to be implemented for all departments, through pedagogy on risk analysis, security-by-design solutions, and automation of control points.* Compliance Initiative Supervision: Lead internal compliance projects with effective execution at both organizational and technical levels.* Incident Management Support: Contribute to the improvement of our incident response processes, particularly by ensuring follow-up on post-mortem actions and implementing continuous improvements.* Technical Collaboration: Work closely with all Lucca teams to address and resolve complex security challenges.Profile sought:This position is for you if:❏ Technical Expertise: Solid experience in cybersecurity, ideally with hands-on technical skills in operational cyber (attack, defense) and coding (to understand technical issues).❏ Risk Management Skills: You have significant experience in risk analysis and developing effective risk management strategies, in compliance with ISO 27001 / 27005.❏ Pedagogy and Communication: Excellent ability to bridge technical and non-technical stakeholders, facilitating mutual understanding and quickly converging on solutions.❏ Organization, Leadership, and Follow-up: You possess strong organizational, leadership, and follow-up capabilities for security initiatives, leading stakeholders towards quick and effective solutions.❏ Proactive & Analytical: You are detail-oriented with excellent analytical skills and an initiative-driven mindset.❏ Passionate & Informed: You love cyber, conduct significant monitoring, and can illustrate risks with concrete, relevant, and current examples.❏ Knowledge of Kubernetes or .NET is a significant asset.Recruitment Process:Step 1: Phone interview with the talent acquisition manager (30')Step 2: Interview with your potential future manager (60')Step 3: Technical test / Practical caseStep 4: Short presentation with part of your future team (60')Step 5: Grand oral (45')At Lucca, you will find:• Passionate Luccas who approach topics seriously but without taking themselves too seriously.• Our company culture based on collaboration and individual empowerment.• An environment where every day feels like the first day.• Occasionally, pets waiting for affection.• Ambitious growth perspectives with varied internal mobility and even Erasmus between services.• The possibility of regular remote work.Join our human-sized company, where a very participatory functioning leaves significant room for initiative, innovation, and non-conformity.Benefits:• Attractive profit-sharing.• A vacation bonus.• RTT in addition to paid leave.• Essential classic benefits: CE benefits, meal vouchers (Swile), and a health insurance (Benefiz) fully covered by Lucca, competitive Gymlib subscription.• A collective event every quarter, aimed at bringing all Lucca members together to share the company’s news and perspectives in a formal… and less formal way.• Open mister-freeze in summer• And above all, being happy to get up in the morning to go to work. Yes, Lucca has achieved the 2nd place in the HappyIndexAtWork France 2024 ranking *(in the category of 500-999 employees).And finally, a little cultural focus:• Salaries are 100% transparent at Lucca.• The collective before the individual: there is no individual variable at Lucca, but a collective variable (profit-sharing) based on the growth rate of revenue.• After 3 years of seniority, each employee can define their salary during a committee.Our offers are open to recognized workers and employees with disabilities (RQTH).Please mention the word SUBSIDIZED and tag RMjE2LjUyLjEyLjIxOQ== when applying to show you read the job post completely (#RMjE2LjUyLjEyLjIxOQ==).Job type:Remote jobTagssaassupporttestcodemanagerengineerSent 2 days ago Apply on external site #J-18808-Ljbffr