Chief information security officer

Our mission 🚀

We are living in exciting times where technology and digital transformation improve and disrupt businesses and their supply chains on a daily basis. At Kbrw, we’re disrupting the tech supply chain, and we aim to facilitate this transformation through high-performing software, driving our consistent growth. And guess what? You can help us achieve our vision! 🙌

Born in 2009, we are a leading European SaaS company on a mission to build robust, high-quality long-lasting projects. Our high performance cloud-native flagship solutions, such as Order Management System (OMS) and Warehouse Management System (WMS), helps complex businesses implement new omnichannel operations, orchestrate critical business processes, and improve customer promises across all business channels. We meet the highest IT requirements by achieving performance, robustness, configurability, easy integration, while also mitigating IT risks.

Kbrw is self-founded and has grown significantly over the last five years, with a 30% increase in its headcount and its revenue every year📈. Our solutions are already used by height CAC40 companies and deployed in over 16,000 sales outlets in more than 120 countries, managing a total transaction value exceeding 30 billion euros!

With offices in 🇫🇷 Paris, Bordeaux, Lille, Clermont-Ferrand, 🇪🇸Barcelona and 🇨🇳Shanghai our reach is global and we aim to be 200+ employees by 2025!

Let’s talk about our Security Team ✨

Our cybersecurity team is backed by an ISO27001-certified policy framework. We maintain structured pentesting cycles and a standardized incident management process. A skilled security engineer supports day-to-day operations and we have access to cross-functional partners across IT, DevOps and Delivery teams. With clear protocols and mature response plans in place, the team focuses on continuous improvement and practical security enhancements. Together, we ensure reliable protection while enabling business innovation.

What will I be doing? 👀

• Develop and implement comprehensive risk management processes aligned with Kbrw objectives.

• Create, update, and enforce cybersecurity policies in compliance with ISO27001, NIS2, SOC2.

• Respond to security-related RFPs and collaborate on contractual and technical proposals.

• Monitor security metrics, SOC operations, and emerging threats for proactive defense.

• Manage vulnerability assessments and pentests, coordinating remediation across infrastructure and applications.

• Define technical security requirements and support to ensure secure product and projects delivery.

• Deploy and administrate security tools, ensuring optimal configuration and integration.

• Plan and oversee security audits and remediation action plans.

• Design and deliver security training and awareness for all employees.

• Lead incident response procedures, business continuity planning, and crisis management exercises.

What do I need from you? 😎

• 3+ years leading security teams

• CISSP, CISM or ISO 27001 Lead Implementer certifications would be preferred.

• Proven track record in risk management and compliance (ISO 27001, NIS2, SOC2).

• Hands-on experience with incident response and vulnerability management

• ISO 27001 implementation and audit methodologies

• NIS2, SOC 2 and GDPR compliance frameworks

• Develop enterprise cybersecurity strategy and multi-year roadmap

• Govern and manage cyber and third-party risk portfolios

• Create security budgets and ROI analyses, including financial forecasts and business cases

• Provide executive reporting and lead board-level security committees

• Build threat intelligence programs and conduct proactive cyber monitoring

• Implement security KPIs and performance dashboards

• Lead business continuity planning and high-level cyber crisis response

• Oversee supply chain security and assess third-party vendor risks

• Penetration testing

• Secure coding standards enforcement

The cherry on top 🍒

• Familiarity with Chinese cybersecurity regulations (e.g. CCPS, MLPS, etc.)
• Hands-on exposure to SIEM and SOAR platforms
• Knowledge of secure cloud architecture

The stuff you wanna know 😉

• 💰 An attractive compensation package:
  • A transparent remuneration policy: from software developers to department heads.
  • Participation in profits in France via the profit-sharing system
  • Possibility of bonuses based on your results
• 🌍 Family-friendly work-life balance: 2 days remote policy
• 🍕 Meal allowance with Swile (€9.5 daily)
• 👨‍⚕️ Private healthcare provided by AXA (100% covered by Kbrw for you and your family)
• 🎭 Access to Leeto perks: theater, opera, sports clubs, concerts, festivals, trade fairs, etc.
• 📚 Work in an international, dynamic, and passionate environment with a company culture focused on learning and development:
  • Software engineers' training: our developers undergo a one-month training in Elixir and React with a complete internal and certified training (Qualiopi)
  • Personal development plan: each employee has an personal development plan established by their manager to integrate quickly and progress within the company
  • Manager training: our managers are trained by our HR team and management experts to help provide the best managerial experience for their teams
  • A structured and mature management process: our management approach is structured through well-defined processes via Lattice, an HR management platform
• 🚀 Opportunities to grow fast: responsibilities and promotions are discussed twice a year during two performance reviews
• ❤️ Kbrw cares about our teams: we have been labeled a “ Great Place to Work ” for 2024/2025

Our Recruitement Process 😁

• First meeting with Hari to get to know each other - 45 min
• A technical visio interview with Regis and Tommy (Security Expert) - 1 hour
• A last interview on site with Arnaud (CTO) and Alexandre (Chief of Staff) - 1 hour

Kbrw is an equal opportunity employer. We believe diversity is a strength and fosters innovation. We are dedicated to fostering an environment where everyone feels both included and appreciated. Our commitment extends to providing fair consideration to all qualified applicants, irrespective of age, color, family background, gender identity, marital status, national origin, physical or mental ability, pregnancy, sexual orientation, social background, or any other characteristic protected by relevant laws.