GRC Security Engineer

Job not on LinkedIn

🔥 23 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Dome Group

WebsiteLinkedInAll Job Openings

11 - 50 employees

DOME Group is an independent merchant bank with offices in London and Istanbul, serving as a financial nexus between regions.DOME Group is led by a team of partners with unparalleled experience and expertise gained through successful careers in leading banks internationally. The partners have long-standing relationships with key corporates, family offices and private equity companies as well as unique access to key decision-makers.DOME’s anchor investors, Dogus Group and FIBA Group, are two of the most experienced investors in the financial services industry in Turkey and Europe. Each anchor investor brings a unique value proposition to DOME’s strategic positioning between regions.Through its expertise and network of relationships, DOME seeks to be the partner of choice of companies and investors by offering services across two main verticals; Strategic Advisory and Asset Management.

📋 Description

• Play a leading role in DataDome’s ISO 27001 program, driving day-to-day execution across control maturity, evidence collection, internal audits, and audit preparation. • Help maintain DataDome’s SOC 2 Type II program over time, ensuring controls, evidence, and follow-up actions stay on track. • Keep compliance work practical, reliable, and scalable as the company grows. • Run the risk management process in practice, including risk assessments, workshops, the risk register, treatment plans, and follow-up. • Work with both technical and business stakeholders to identify and assess risks in a structured and useful way. • Help teams turn risk findings into clear, prioritized remediation actions. • Handle third-party security reviews for internal tools and vendors, including onboarding assessments, reassessments, and follow-up actions. • Check that key controls are actually in place across tools and processes, spot gaps or weak configurations, and make sure remediation is tracked and moving with the right teams. • Lead the security awareness program, including training, phishing simulations, and effectiveness tracking. • Act as a key security partner for Legal, HR, Finance, and Business Operations on topics such as people controls, data handling, and process design. • Help Sales on security topics when needed, including writing clear, accurate, and high-quality answers to security questionnaires and supporting follow-up discussions during the sales cycle. • Be comfortable representing security during audits, including explaining how controls work, answering auditor questions, and following up on findings.

🎯 Requirements

• You have at least 7+ years Experience in a cybersecurity product company or internet-scale SaaS environment. • You have demonstrated hands-on experience with ISO 27001 and understand what it takes to drive and maintain a certification program in the long run. • You are comfortable going directly to teams, understanding how things work in practice, spotting gaps, and pushing for improvements that actually fit the way people work. • You care about whether controls are real and effective, not just documented. • You are comfortable running structured risk assessments and facilitating discussions with both technical and non-technical stakeholders. • You communicate clearly and confidently, both in writing and in person, and you are comfortable working in French and English. • You have the technical fluency to assess tools, systems, and processes with a critical eye, and to engage credibly with engineering teams on remediation efforts. • You look for practical ways to simplify and automate repetitive GRC work, including with AI when it adds real value.

🏖️ Benefits

• Flex Life: While we offer remote, hybrid, & in-office options each position specifies the level of flexibility. Our Parisian office is located next to the Opera Garnier. You will also receive a 500€ stipend to help you set up your ideal workspace if you work hybrid or remotely. • If you are full remote, the SNCF dicount card is paid for you to come to our office to visit us & your team! • Generous Health Benefits: We have partnered with Kenko for your healthcare needs. • A 100€ annual allowance is provided for a leisure activity of your choice in Sports or Culture. • Annual allowance of €200 if you come to the office by bike to cover maintenance costs. • Professional Development: #Weaimhigh is part of our DNA, therefore we have invested in an internal Learning and Development platform and offer the opportunity to request additional training and support via your manager. • Events & Team building: #We care and we have fun! We organise ****Annual Company-Offsite, Events, Drinks, Winter Party, Lunch & Learns and much more are part of our Culture • Parent Care: Gift & care packages for parents. • PTO: Based on the country you are based from (e.g. 25 days in France).