Security and compliance Officer

The Role

Come and join our SpendHQ EMEA team as SSIC EMEA Project Manager.

Group photo of SpendHQ office managers

Reporting to the Security Manager based in the USA, you will work on a daily basis with our various
European teams (Sales, IT, Administration, HR, customers…), you will have the following
responsibilities:

  • Assist in the development and implementation of comprehensive cloud security
    architectures, ensuring the protection of data stored in cloud environments.
  • Support compliance efforts with the General Data Protection Regulation (GDPR) and other
    relevant data protection laws, ensuring all data processing activities are compliant.
  • Conduct regular security assessments and audits to identify vulnerabilities within our cloud
    infrastructure and applications.
  • Collaborate with the IT and development teams to integrate security practices into the
    DevOps pipeline.
  • Participate in the creation and maintenance of security policies and procedures, focusing on
    cloud security and GDPR compliance.
  • Assist in managing and responding to security incidents, including the investigation of
    potential GDPR breaches.
  • Stay up-to-date with the latest security trends, threats, and technologies, especially as they
    relate to cloud environments and data protection regulations.
  • Support the security awareness training program by helping to educate employees on GDPR
    requirements, cloud security best practices, and compliance protocols.
  • Regulatory watch: identify regulatory developments likely to have an impact on the
    management company’s activities by analyzing legislation, sanction decisions and
    documentation issued by regulatory authorities and professional associations;
  • Monitor compliance of sales processes and sales documentation within its scope; support
    sales staff in sales processes and ensure proper application of the various regulations in an
    international working context
  • The candidate may be asked to take part in more cross-functional issues, such as CSR/ESG
    (Corporate Social Responsibility).

Requirements:

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 1-2 years of experience in information security, with specific experience in GDPR, cloud
    security, and compliance.
  • Familiarity with cloud service providers (e.g., AWS, Azure, Google Cloud) and their security
    tools and features.
  • Understanding of data protection laws and regulations, particularly GDPR, and the
    implications for security architecture.
  • Basic knowledge of security frameworks and standards (e.g., ISO 27001, NIST).
  • Strong analytical and problem-solving skills.
  • Excellent communication and teamwork abilities.
  • A willingness to learn and a passion for cybersecurity.
  • An excellent level in English and French
  • Good writing skills

Interested in this position?

Apply Now