Browse
Employers / Recruiters

Security Analyst (GRC Specialist)

pigment · 30+ days ago
London or Paris
Negotiable
Full-time
Continue
By pressing the button above, you agree to our Terms and Privacy Policy, and agree to receive email job alerts. You can unsubscribe anytime.
Our Story So Far

Since our founding in 2019, Pigment has become one of the fastest-growing SaaS companies in the world today. Our product, a highly efficient Enterprise Performance Management (EPM) platform, is helping companies achieve their financial goals by quickly responding to dynamic factors in their respective markets including Tech, Retail, CPG & Financial Services. 

In less than 5 years, Pigment has grown to over 450 employees across offices in New York, Toronto, London & Paris and attracted a total of $393M in investment from some of the top Venture Capital firms globally.
We serve companies including Unilever, Deliveroo, Gong and Brex to name a few!

We are looking for a Governance, Risk and Compliance specialist, whose core focus will be to protect our customers' and compliance data.

Key Responsibilities

  • Strategic Leadership

  • Under the coordination of the CISO, participate in the definition of a multi-year, risk-driven security roadmap, design policies, processes and guidance documents driving its implementation

  • Implementing the security roadmap, either autonomously or with support from other engineering teams, either in a delivery or project management capacity, depending on the project’s technical requirements.

  • Establish and implement company-wide security policies and procedures covering internal IT, production platforms, facilities, and more.

  • Improve and maintain the risk analysis and its mitigation planDesign and implement a comprehensive reporting framework of security indicators

  • Operational Excellence

  • Drive implementation of the security roadmap, leading initiatives and coordinating with engineering teams or other relevant stakeholders (legal, HR, support, customer experience

  • Oversee vulnerability remediation, including triage, prioritization, and mitigation follow up.

  • Oversee vendor security assessments and ensure alignment with compliance requirements, deliver security approvals in the procurement process

  • Participate in the asset management program (contractors, accounts, datasets, etc.) 

  • Compliance Management

  • Lead certifications renewals for SOC 1, SOC 2, and contribute to acquisition of new certification (e.g., ISO 27001, ISO 27701)

  • Lead planning and execution of compliance audit programs conducted both internally and externally.

  • Maintain and enhance compliance programs, collaborating cross-functionally to ensure adherence.

  • Coordinate with the Sales and Legal teams to understand the legislative landscape and market requirements in terms of compliance.

  • Advocacy and Training

  • Design and implement security awareness training programs and champion best practices across teams (onboarding training, awareness training, phishing simulations, developer trainings)

Experience & Expertise

  • At least 5 years of experience on governance and compliance topics, either as Security Engineer, Security Project Manager, or compliance officer (of course, you can be way more experienced!)

  • Extensive knowledge and experience with the ISO27000 series standard:  implementation experience in obtaining and maintaining is a plusSolid technical background in security engineering

  • Great team spirit with a problem-solving, can-do attitude.

  • Good dose of humility and the willingness to grow (no matter your seniority!).

  • Fluent in English (French is not mandatory!).

Environment

  • The scope of this role includes both the production environment and internal IT
  • Sites in Paris, London, Toronto and NYC 
  • MacOS, Windows, Linux
  • GCP, Kubernetes, Terraform, Postgres, SingleStore, Vault
  • Okta, Oauth, JWT, C#, .NET Core, TypeScript, React
  •  Vanta (GRC), Riot (awareness), Google Workspace (office), Jumpcloud (MDM and SSO), Hibob (HRIS), Slack (IM), GitHub (VCS), CircleCI / ArgoCD (CI/CD) HackerOne (Bug Bounty program), Datadog (SIEM), 1Password (password manager)
Pigment is an equal opportunity employer. We believe diversity is a strength and fosters innovation. We are committed to enabling everyone to feel included and valued at the workplace.  All qualified applicants will receive consideration for employment without regard to age, color, family, gender identity, marital status, national origin, physical or mental disability,  sex (including pregnancy), sexual orientation, social origin, or any other characteristic protected by applicable laws. We may process your personal data in accordance with our HR Data Protection Notice.

Last updated on Nov 28, 2024

See more

About the company

More jobs at pigment

Analyzing

New York, New York

 · 

30+ days ago

New York, New York

 · 

30+ days ago

 · 

30+ days ago

Developed by Blake and Linh in the US and Vietnam.
We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord
Changelog
🚀 LaunchpadNov 27
Create a site and sell services based on your resume.
🔥 Job search dashboardNov 13
Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.
🫡 Cover letter instructionsSep 27
New Studio settings give you control over AI output.
✨ Cover Letter StudioAug 9
Automatically generate cover letters for any job.
🎯 Suggested filtersAug 6
Copilot suggests additional filters above the results.
⚡️ Quick applicationsAug 2
Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.
🧠 Job AnalysisJul 12
Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.
© 2024 RemoteAmbitionAffiliate · Privacy · Terms · Sitemap · Status