Senior Information Security Specialist

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Information Security Specialist based in France.

As a Senior Information Security Specialist, you will play a pivotal role in shaping and scaling a comprehensive compliance and information security function within a fast-growing technology environment. This position combines strategic ownership, hands-on implementation, and cross-functional collaboration to strengthen security frameworks, audit readiness, and regulatory compliance programs. You will serve as a trusted subject matter expert, supporting customers, internal teams, and external auditors while driving continuous improvements across security and governance initiatives. The role offers the opportunity to influence product development, mentor team members, and expand compliance capabilities across multiple international standards. Working closely with leadership and operational teams, you will help deliver scalable compliance solutions that create meaningful value for customers. This is an ideal opportunity for a security and GRC professional who thrives in autonomous, high-impact environments and enjoys taking ownership of complex challenges.

• Own and drive the compliance roadmap across multiple information security and regulatory frameworks, ensuring alignment with evolving business and customer requirements.
• Lead the implementation and management of information security and compliance programs, including end-to-end certification and audit readiness activities.
• Conduct and oversee internal audits, ensuring consistency, quality, and adherence to established standards and regulatory expectations.
• Mentor and support junior compliance and security team members by sharing expertise, reviewing deliverables, and promoting best practices.
• Serve as a trusted advisor for customer-facing teams, providing expert guidance on security, compliance, and governance-related topics.
• Develop, maintain, and improve compliance content, including policies, procedures, templates, training materials, and operational playbooks.
• Collaborate with product and engineering teams to translate compliance requirements into scalable platform enhancements and process improvements.
• Analyze auditor feedback, identify framework gaps, and implement corrective actions to strengthen compliance outcomes.
• Build and maintain strong relationships with certification bodies, audit partners, and other external stakeholders.
• Contribute to strategic initiatives that improve operational efficiency, customer satisfaction, and the overall maturity of the security and compliance function.

Requirements

• Professional fluency in German (C1/C2 level) and English is required.
• Minimum of 5 years of hands-on experience in information security, governance, risk, and compliance (GRC), preferably within B2B SaaS environments.
• Proven experience leading multiple successful ISO 27001 certification projects as an implementer, auditor, or compliance specialist.
• Strong knowledge of information security frameworks, risk management methodologies, and regulatory compliance standards.
• Experience working with GRC platforms and compliance management tools.
• Understanding of cloud environments, including AWS, Azure, and Google Cloud Platform, with exposure to security posture assessments and remediation planning.
• Excellent project management skills, with the ability to manage multiple priorities, navigate ambiguity, and deliver results independently.
• Strong written communication skills with experience creating clear compliance documentation for technical and non-technical audiences.
• Demonstrated ability to mentor colleagues and contribute to team development within compliance, audit, or security functions.
• Experience implementing additional frameworks such as SOC 2, GDPR, NIS2, DORA, ISO 27017/27018, ISO 42001, or similar standards is considered an advantage.
• Previous experience in startup or high-growth environments is beneficial.
• Strong ownership mindset, analytical thinking, and problem-solving capabilities.

Benefits

• Fully remote work environment with the flexibility to work from anywhere within supported European time zones.
• Competitive salary aligned with local market benchmarks.
• Generous equity package, allowing employees to participate in the company's long-term success.
• Annual personal development budget to support continuous learning and professional growth.
• Home office allowance and access to coworking spaces.
• 26 days of paid annual leave in addition to local public holidays.
• Comprehensive health insurance coverage.
• Annual company retreat and regular team-building events.
• Access to modern technology equipment, including laptop, monitors, and professional accessories.
• Direct exposure to experienced leadership, industry experts, and mentorship opportunities.
• Collaborative and high-performing culture focused on ownership, innovation, and continuous improvement.