Cyber Risk and Compliance Engineer

Summary

Join Lucca, a fast-growing SaaS HR software company, as a Cyber Risk and Compliance Engineer! Based in Paris, Nantes, or Marseille (with full remote options within France), you'll work across teams, analyzing technical risks, integrating security into projects, and overseeing compliance initiatives. You'll need at least 4 years of experience and a strong cybersecurity background, including hands-on experience in cyber operations and coding. The role requires excellent communication and risk management skills, and a proactive, analytical approach. Lucca offers a competitive salary (45K€-65K€ gross per year), benefits including profit sharing, vacation bonus, RTT, employee benefits, and a positive work environment.

Requirements

• Technical Expertise: Solid experience in cybersecurity, ideally with hands-on technical expertise in cyber operations (attack, defense) and coding (to understand technical challenges)
• Risk Management Skills: Significant experience in risk analysis and the development of effective risk management strategies, in compliance with ISO 27001/27005
• Pedagogy and Popularization: Excellent ability to connect technical and non-technical stakeholders, facilitating mutual understanding and contributing to rapid convergence towards solutions
• Organization, Leadership, and Follow-up: Strong ability to organize, manage, and follow up on security initiatives, leading stakeholders towards quick and effective solutions
• Proactive & Analytical: Detail-oriented with excellent analytical skills and initiative
• Passionate & Informed: You enjoy cybersecurity, conduct significant monitoring, and can illustrate risks with concrete, relevant, and current examples
• Bac + 5
• 4 years minimum of experience
• C1 level English (making presentations)

Responsibilities

• Analyze Risks: Conduct thorough technical risk analyses and develop strategic mitigation plans to strengthen our security posture, both internally (our projects, processes, and IT systems) and externally (our partners and suppliers)
• Integrate Security into Projects: Advise and challenge projects on security measures to be implemented for all departments, through risk analysis education, security-by-design solutions, and automation of checkpoints
• Supervise Compliance Initiatives: Manage internal compliance projects with efficient execution, at both organizational and technical levels
• Support Incident Management: Contribute to the improvement of our incident response processes, paying particular attention to post-mortem action tracking and the implementation of continuous improvements
• Collaborate Technically: Work closely with all Lucca teams to address and resolve complex security challenges

Preferred Qualifications

Knowledge of Kubernetes or .NET is a significant asset

Benefits

• Interesting profit sharing
• Vacation bonus
• RTT in addition to paid leave
• Employee benefits, restaurant vouchers (Swile), and 100% employer-sponsored health insurance (Benefiz), competitive Gymlib subscription
• A collective event per quarter, aiming to bring together all of Lucca to share the company's news and perspectives in a formal... and less formal way
• Regular remote work possibility