Head Of Cyber Governance Risk & Compliance Ajouter aux favoris

OUR STORY:

EU Join Scaleway and shape the sovereign cloud of tomorrow !

Since 1999, we have been designing secure, sustainable infrastructures aimed at supporting the most ambitious companies.

Historically known for our dedicated servers (Dedibox), we made a strategic shift to cloud computing in 2015. Staying true to our principles of simplicity, flexibility, and technical excellence, we have become one of the leading players in Europe in the sector.

With the rise of artificial intelligence, we have strengthened our commitment, supported by the Iliad Group, which is investing €3 billion to develop a serious, sovereign AI alternative to American and Asian giants.

Every day, thanks to our fast-growing portfolio of cloud and AI products (bare metal, containerization, serverless, AI, etc.), Scaleway proudly serves thousands of customer across the private and public sector, from corporations like France Télévisions or Hachette Livre, to fast-growing startups like Photoroom and Biolevate, to institutions like the City of Copenhagen.

Our offices are located in Paris, Lille, Toulouse, Rennes, Rouen, Bordeaux and Lyon.

WHY WE NEED YOU ?

Our growth is driving us to strengthen our Cyber Governance, Risk & Compliance (GRC) team to support our expansion and ensure the highest standards of security.

Your mission will be to lead the GRC team (4 individual contributors & growing) and strategy and oversee compliance programs in order to maintain a strong security posture, meet international standards (such as ISO 27001, HDS, etc.), maintain high level qualifications (SecNumCloud) and foster a robust security culture across the company.
YOUR FUTURE TEAM

We work in a collaborative and international environment where the diversity of Scalers, combined with a spirit of sharing, helps bring new projects to life every day, advancing our ambitions together.

You will be part of the IT department, reporting to the CISO / CIO. You will be working closely with the SOC-CSIRT, the Legal, the Product, the Engineering & the Operation teams to integrate risk management and compliance into our technical and operational processes. The team focuses on maintaining governance frameworks, managing security risks, and supporting the company's ongoing certification / qualification efforts.
YOUR DAILY ROUTINE

• Define and implement the Cyber GRC strategy, aligning security goals with business objectives.
• Manage the GRC team members.
• Oversee and maintain compliance programs, particularly ISO 27001, HDS, ISO 9001 certifications and SecNumCloud qualification.
• Manage risk assessment processes, identifying compliance gaps and driving risk treatment plans.
• Establish and communicate security policies, standards, and procedures across the organization.
• Conduct internal audits and coordinate activities with third-party auditors.
• Foster a security-aware culture through training, workshops, and awareness initiatives.
• Collaborate with the SOC-CSIRT and other teams to address security gaps and improve resilience.
• Report on GRC metrics and security posture to leadership and stakeholders.
• Monitor the regulatory landscape to ensure adherence to evolving security requirements.
• Drive cross-functional improvements in security governance and internal controls.
• Oversee and maintain compliance programs regarding CyberSecurity related regulations (NIS2, etc.).

ABOUT YOU:
HARDSKILLS:

• Proven experience in Cyber Governance, Risk, and Compliance (GRC).
• Knowledge of ANSSI qualification framework (SecNumCloud, PRIS, PASSI, PDIS, etc.).
• Experience of international compliance context is a plus.
• Experience in team management.
• Solid knowledge of ISO 27001 framework implementation and certification maintenance.
• Proficiency in risk management methodologies (e.g., EBIOS RM, NIST).
• Understanding of cloud security principles and regulatory requirements.
• Experience with audit management and security policy development.

SOFT SKILLS:

• Excellent communication skills, capable of explaining complex security risks to non-technical stakeholders.
• Strategic mindset with a pragmatic approach to security implementation.
• Collaborative and team-oriented mindset, capable of driving cross-functional initiatives.
• Ability to foster a positive security culture and drive organizational change.
• Strong analytical thinking and problem-solving abilities.
• Fluent in both French and English.

WHAT YOU WILL FIND AT SCALEWAY ++++

Hybrid work: We offer up to 3 days of remote work per week.
Offices: Our offices are spacious, dynamic workspaces with bold design, conveniently located near public transport. Most of our offices feature outdoor spaces (terraces) and bike parking facilities.
Dining: Our chef provides a healthy meal service at the headquarters, and breakfast is available across all our sites year-round. Scalers working from regional sites enjoy a Swile card for lunches.
Well-being commitments: Whether it's access to a gym, daycare places, or discounted services for caring services, Scaleway is committed to supporting Scalers in maintaining a balanced life.
International environment: With dozens of nationalities, Scaleway offers a stimulating environment where English is as widely spoken as French.
Career & Mobility: Our managers value internal mobility, and opportunities to transition to other entities within the Iliad Group are accessible to all Scalers.
Why join the Scaleway adventure?

A rich and diverse product offering: Scaleway offers over 100 public cloud products in IaaS, PaaS, and AI.
A cutting-edge technical environment: Scaleway provides modern infrastructures, including high-performance bare metal servers, to tackle exciting technical challenges.
Commitment to responsible cloud: Scaleway is dedicated to a more responsible cloud, with data centers powered solely by renewable energy since 2017, minimizing our ecological footprint and holding top-level certification.
THE NEXT STEPS ...

• Discovery call with a recruiter
• Interview with the CISO / CIO to understand your technical skills and approach to the role
• Technical interview to validate your expertise
• Team fit discussion to deepen discussions and assess your fit with the team

At Scaleway, we are committed to building an inclusive and respectful workplace where everyone has a fair opportunity to thrive.

All applications are considered with care, regardless of age, gender, sexual orientation, ethnic or social background, religion, disability, or any other characteristic.

We believe great ideas come from everywhere, and everyone which is why you should definitely apply.