Cyber Risk and Compliance Engineer

Summary

Join Lucca, a fast-growing SaaS HR software company, as a Cyber Risk and Compliance Engineer. This role involves analyzing technical risks, integrating security into projects, supervising compliance initiatives, supporting incident management, and collaborating with various teams. The position requires expertise in cybersecurity, risk management, and strong communication skills. Lucca offers a full-remote possibility, competitive salary (45K€-65K€), and various benefits. The ideal candidate will have a Bac +5 degree and at least 4 years of experience. English proficiency (C1) is required.

Requirements

• Technical Expertise: Solid experience in cybersecurity, ideally with hands-on expertise in cyber operations (attack, defense) and coding (to understand technical challenges)
• Risk Management Skills: Significant experience in risk analysis and the development of effective risk management strategies, in compliance with ISO 27001/27005
• Pedagogy and Popularization: Excellent ability to connect technical and non-technical stakeholders, facilitating mutual understanding and quickly converging on solutions
• Organization, Leadership, and Follow-up: Strong ability to organize, lead, and follow up on security initiatives, guiding stakeholders towards quick and effective solutions
• Proactive & Analytical: Detail-oriented with excellent analytical skills and initiative
• Passionate & Informed: You enjoy cybersecurity, conduct significant monitoring, and can illustrate risks with concrete, relevant, and current examples
• Bac + 5
• 4 years minimum experience
• English C1 level

Responsibilities

• Analyze Risks: Conduct thorough technical risk analyses and develop strategic mitigation plans to strengthen our security posture, both internally (our projects, processes, and IT system) and externally (our partners and suppliers)
• Integrate Security into Projects: Advise and challenge projects on security measures to be implemented for all departments, through risk analysis education, security-by-design solutions, and automation of checkpoints
• Supervise Compliance Initiatives: Manage internal compliance projects with efficient execution, at both organizational and technical levels
• Support Incident Management: Contribute to the improvement of our incident response processes, particularly by monitoring post-mortem actions and implementing continuous improvements
• Collaborate Technically: Work closely with all Lucca teams to address and resolve complex security challenges

Preferred Qualifications

Knowledge of Kubernetes or .NET is a significant asset

Benefits

• Interesting profit-sharing
• Holiday bonus
• RTT in addition to paid holidays
• Employee benefits, restaurant vouchers (Swile), and 100% employer-sponsored health insurance (Benefiz), competitive Gymlib subscription
• A collective event per quarter to bring together all of Lucca to share the company's news and perspectives formally... and less formally
• Open mister-freeze in the summer!
• Regular remote work possibility
• Salary is 100% transparent at Lucca
• Collective bonus based on revenue growth
• After 3 years of seniority, each employee can define their salary during a committee