Information Security Manager

Paris

Full Time Contract
Heetch logo
Heetch
Apply now Apply later

Posted 1 month ago

The Team at Heetch Heetch’s growing infrastructure supports tens of thousands of rides in six countries and a dozen cities in France, Belgium and some French speaking countries in Africa. We handle millions of API requests and events every day without a snag to cater to the needs of 6 million active users and 14,000 drivers across our markets.Our work culture is remote first with employees working from many different countries over Europe and Africa.We are now looking for an Information Security Manager to help us protect Heetch and our customers from potential vulnerabilities and various security attack vectors. Our Values - Make it happen:  Bring intensity and discipline, but focus on important work.- Common interest first: Never let a teammate behind and embrace change.- Kindness: You treat people with respect regardless of their status or disagreement with you. Always assume good intentions.- Communicate Wisely: Listen to one another: everybody has the same right to speak up.- Free Mind: Accept everyone for who they are and embrace differing perspectives to make better decisions. What will you do? This role will be responsible for information security and data protection at Heetch. As an Information Security Manager, you will need to first assess and understand our whole security needs to then create a roadmap to implement your vision, working together with the Tech managers and different teams. In a second time, you will have the opportunity to grow your team from scratch to help you succeed in making Heetch's security top notch. You will own the organisation's information security strategy and ensure our data handling meets our policies and standards. Reporting directly to the CTO, you will also work closely with the Product and Legal teams, as well as across the wider business, in order to develop a thorough understanding of our product, policies and needs. Deliver- Work with Engineering, Product, and Legal teams to ensure alignment and on time delivery.- Define, implement, and oversee flexible and effective security processes to reach the company's goals.- Build a security roadmap along with the different stakeholders. Drive change- Help us grow and evolve our security culture- Work with other engineering managers to drive cultural changes across the organisation  Does it sound like you? - Minimum of 5 years experience working in a similar role delivering information security management in a complex technical environment for an online business.- An excellent knowledge of relevant information security standards and practices, specifically ISO27001: 2017 certification process and audits.- In depth experience of maintaining and managing the ISMS on behalf of the company and undertaking risk and business impact assessments.- An excellent knowledge of the GDPR and the Data Protection Act 2018 and experience supporting business to reach and retain compliance.- Strong subject matter experience in application security, vulnerability and penetration testing.- Experience with cloud environments (e.g. AWS or GCP).- Familiarity working with cross functional product teams using agile methodologies.- Excellent communication skills, able to communicate effectively with both technical and non-technical colleagues.- A recognised security qualification e.g. CISSP, CISM, CSSLP would be an advantage.- Flexible attitude and an ability to perform under pressure.- Fluency in English.- You're experienced with handling security at a product company, or an experienced consultant who wants to settle and grow in a product company.What's next?If your application is selected, the process will be composed of 3 steps:1. Interview with your line manager (1h30)2. Interview with a panel of Engineering Managers (1h30)3. Day on site (Paris) or remote interviews to meet your future team and stakeholders

Check out our Engineering Blog and follow our twitter :)You can also have a look at our open-source projects and contributions here

🌈Heetch embraces diversity and equal opportunity for everyone 🌍 We provide a safe and inclusive work environment. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. Because the more diverse we are, the better our work will be!

Heetch SAS is collecting your personal data (identity, contact details, academic background, professional experience and optionally a covering letter) for the processing of your application to our job offer, based on your consent.Your personal data will only be accessible to our hiring team, our co-founders, and the manager of the position you are applying to. In addition, data are stored by our processor in order to use its applications tracking system. Your data may be stored outside of the EU/EEA but are protected by appropriated safeguards.Your data are stored for a maximum duration of two years. If we do not reply to your application, you allow us to store your data during this term in order to potentially contact you for another position within our company or affiliates and subsidiaries.You have a right to access to your data, to rectify them, under some conditions to erase them, and to limit the processing. Also, you have a right of portability on your data. In addition, you may revoke your consent and we shall stop processing your data. Eventually, you have a right to define directives about the fate of your data if your death should occur. For more information about your rights, please see our privacy policy.
Job tags: Audits AWS CISM CISSP GDPR ISO27001 Penetration testing Strategy Vulnerabilities
Job region(s): Europe
Share this job: