Chief Information Security Officer

Swile is the first employee super-app and platform that offers a unified, personalized and modern experience that strengthens engagement at work.

But it's also a smart-card that brings together all your benefits: reinvented meal vouchers, gift vouchers to spoil your employees all year round, a mobility advantage to reduce your carbon impact

By combining the best of the human and technological approach, Swile undertakes to carry the current mutations of the labor market by posing as a leader of the Worktech.

Morning, noon and night, we move towards a vision of the world of work that is fulfilling for all employees

We are currently backed by 290 million euros raised from investors such as Softbank, Index Ventures, Idinvest, Bpifrance, Daphni and Kima. Today, we have no less than 750,000 users and more than 25,000 corporate customers (including Carrefour, Le Monde, PSG, Airbnb, Spotify, Red Bull and Tik Tok).

After the acquisition of Sweevana, Briq and Vee Beneficios, we have added a string to our bow following the acquisition of a French nugget, Okarito: with Swile, it is now possible to manage business travel expenses in complete autonomy.

Born under the sun of Montpellier, we are also present in Paris and Sao Paulo.

We have just united Swile & Bimpli under the same flag. To cut a long story short, Bimpli is a leading player in employee services and benefits, specializing in meal vouchers, gift vouchers, CESU, pot and CSE platform. More than 300 Bimpli employees are joining us to continue this crazy adventure which is to re-enchant everyday life and support the development of employee’s work experience all around the world.

Let’s Swile for a fulfilling work environment \uD83D\uDE80

**\uD83D\uDE0E Your future position**:

- Swile is looking for a global **Chief Information Security Officer.**:

- We believe in the effectiveness that comes from combining security governance with operational security under one leadership. We are looking for a profile that will unify these two activities and foster strong collaboration with our banking compliance and regulation team.

Your future missions will focus on:
**Governance, Compliance, Audit**
- Formulate and execute a robust cybersecurity strategy.
- Implement SOC2 and ISO 27001 within the next 24 months.
- Implement ITGC, ITAC, and lead IT part of financial audits.
- Establish and enforce top-tier security policies and standards.
- Vendor management and 3rd-party tools review processes.
- Provide strategic guidance to engineering teams, ensuring security integration in all tech aspects.
- Develop a trust center to strengthen relationships with our clients.

**Security Operations**
- Mentor an existing team of cybersecurity specialists.
- Regularly perform security checks, vulnerability assessments, and penetration tests.
- Foster a culture of security awareness, integrating practices across all teams.
- Enhance the detection capabilities by extending the technology coverage.
- Handle security incidents as the primary contact, overseeing investigations and remediation.
- Oversee cybersecurity awareness and training programs.

**\uD83E\uDD47 Your future team / stakeholders**:

- \uD83C\uDFE2 **Organization (Team)**:

- At Swile, the Innovation department (150 tech members) is divided into feature teams distributed among 5 Tribes \uD83E\uDDBE in France and Brazil
- Our technological stack mainly consists of Ruby for the backend, JS Node & React for the frontend and BFF, full Swift for iOS mobile, and full Kotlin for Android.
- **
\uD83C\uDFAF Key Stakeholders**:

- Tech an Products teams (Security, Development, IT, Product, etc.) to design and operate efficient, reliable, and scalable environments for users and Swilers.
- Internal Banking Compliance and Regulatory team.
- Internal Control
- Executive team
- Board of Directors and supervisory committee

**✨It will be a perfect match if**:

- You have strong experience in security/governance/compliance/risk matters (at least 10 years)
- You have mixed experiences with public companies and scale-ups
- You have already implemented SOC2 or ISO 27001
- You have international experience
- You have worked on product/SaaS
- You are a good communicator
- You are fluent in English