Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.

P

Security Analyst (GRC Specialist)

pigment · 30+ days ago

London or Paris

Negotiable

Full-time

Continue

By pressing the button above, you agree to our Terms and Privacy Policy, and agree to receive email job alerts. You can unsubscribe anytime.

Our Story So Far

Since our founding in 2019, Pigment has become one of the fastest-growing SaaS companies in the world today. Our product, a highly efficient Enterprise Performance Management (EPM) platform, is helping companies achieve their financial goals by quickly responding to dynamic factors in their respective markets including Tech, Retail, CPG & Financial Services.

In less than 5 years, Pigment has grown to over 450 employees across offices in New York, Toronto, London & Paris and attracted a total of $393M in investment from some of the top Venture Capital firms globally.

We serve companies including Unilever, Deliveroo, Gong and Brex to name a few!

We are looking for a Governance, Risk and Compliance specialist, whose core focus will be to protect our customers' and compliance data.

Key Responsibilities

Strategic Leadership

Under the coordination of the CISO, participate in the definition of a multi-year, risk-driven security roadmap, design policies, processes and guidance documents driving its implementation

Implementing the security roadmap, either autonomously or with support from other engineering teams, either in a delivery or project management capacity, depending on the project’s technical requirements.

Establish and implement company-wide security policies and procedures covering internal IT, production platforms, facilities, and more.

Improve and maintain the risk analysis and its mitigation planDesign and implement a comprehensive reporting framework of security indicators

Operational Excellence

Drive implementation of the security roadmap, leading initiatives and coordinating with engineering teams or other relevant stakeholders (legal, HR, support, customer experience

Oversee vulnerability remediation, including triage, prioritization, and mitigation follow up.

Oversee vendor security assessments and ensure alignment with compliance requirements, deliver security approvals in the procurement process

Participate in the asset management program (contractors, accounts, datasets, etc.)

Compliance Management

Lead certifications renewals for SOC 1, SOC 2, and contribute to acquisition of new certification (e.g., ISO 27001, ISO 27701)

Lead planning and execution of compliance audit programs conducted both internally and externally.

Maintain and enhance compliance programs, collaborating cross-functionally to ensure adherence.

Coordinate with the Sales and Legal teams to understand the legislative landscape and market requirements in terms of compliance.

Advocacy and Training

Design and implement security awareness training programs and champion best practices across teams (onboarding training, awareness training, phishing simulations, developer trainings)

Experience & Expertise

At least 5 years of experience on governance and compliance topics, either as Security Engineer, Security Project Manager, or compliance officer (of course, you can be way more experienced!)

Extensive knowledge and experience with the ISO27000 series standard: implementation experience in obtaining and maintaining is a plusSolid technical background in security engineering

Great team spirit with a problem-solving, can-do attitude.

Good dose of humility and the willingness to grow (no matter your seniority!).

Fluent in English (French is not mandatory!).

Environment

The scope of this role includes both the production environment and internal IT
Sites in Paris, London, Toronto and NYC
MacOS, Windows, Linux
GCP, Kubernetes, Terraform, Postgres, SingleStore, Vault
Okta, Oauth, JWT, C#, .NET Core, TypeScript, React
Vanta (GRC), Riot (awareness), Google Workspace (office), Jumpcloud (MDM and SSO), Hibob (HRIS), Slack (IM), GitHub (VCS), CircleCI / ArgoCD (CI/CD) HackerOne (Bug Bounty program), Datadog (SIEM), 1Password (password manager)

Pigment is an equal opportunity employer. We believe diversity is a strength and fosters innovation. We are committed to enabling everyone to feel included and valued at the workplace. All qualified applicants will receive consideration for employment without regard to age, color, family, gender identity, marital status, national origin, physical or mental disability, sex (including pregnancy), sexual orientation, social origin, or any other characteristic protected by applicable laws. We may process your personal data in accordance with our HR Data Protection Notice.

•

Last updated on Nov 28, 2024

About the company

P

pigment

More jobs at pigment

Analyzing

Senior Analyst Relations Manager$132k+

New York, New York

·

30+ days ago

Senior Analyst Relations Manager

·

30+ days ago

Spontaneous application$64k+

New York, New York

·

30+ days ago

Lead Product Designer

·

30+ days ago

Senior Supply Chain Product Strategist

·

30+ days ago

For job seekers

Job searchSearch millions of jobs

LaunchpadNew

Resume to business

Cover Letter StudioGenerate a cover letter

Add to ChatGPTFind and discuss jobs

For employers and recruiters

Resume ScreenerOrganize and rank candidates

Talent PipelinePre-order

Source top talent

Promote a jobReach more candidates

For everyone

Referral programEarn 30% commission

Get mobile appBrowse anywhere

Jobs API

Become a partner

Developed by Blake and Linh in the US and Vietnam.

We're interested in hearing what you like and don't like! Live chat with our founder or join our Discord

Changelog

🚀 LaunchpadNov 27

Create a site and sell services based on your resume.

🔥 Job search dashboardNov 13

Revamped job search UI with a sortable grid, live filtering, bookmarks, and application tracking.

🫡 Cover letter instructionsSep 27

New Studio settings give you control over AI output.

✨ Cover Letter StudioAug 9

Automatically generate cover letters for any job.

🎯 Suggested filtersAug 6

Copilot suggests additional filters above the results.

⚡️ Quick applicationsAug 2

Apply to jobs using info from your resume. Initial coverage of ~200k jobs in Spain, Germany, Austria, Switzerland, France, and the Netherlands.

🧠 Job AnalysisJul 12

Have Copilot read job descriptions and extract out key info you want to know. Click "Analyze All" to try it out. Click on the Copilot's gear icon to customize the prompt.