Cybersecurity Governance, Risk & Compliance (GRC) Specialist

Paris

Position Overview

We are seeking a Cybersecurity GRC Specialist to develop, implement, and manage comprehensive governance, risk, and compliance programs aligned with leading cybersecurity frameworks including NIST Cybersecurity Framework, ISO 27001/27002, MITRE ATT&CK, and CIS Controls to ensure organizational security posture and regulatory compliance.

Key Responsibilities

Framework Implementation & Management
  • Implement and maintain NIST Cybersecurity Framework across organizational functions (Identify, Protect, Detect, Respond, Recover)
  • Develop ISO 27001/27002 Information Security Management System (ISMS) and manage certification processes
  • Map organizational security controls to CIS Controls and ensure implementation across all critical security functions
  • Integrate MITRE ATT&CK framework for threat modeling, risk assessment, and security control validation
  • Establish governance structures, policies, and procedures aligned with multiple cybersecurity standards
Risk Assessment & Management
  • Conduct comprehensive cybersecurity risk assessments and business impact analyses
  • Develop risk treatment plans including risk acceptance, mitigation, transfer, and avoidance strategies
  • Maintain enterprise risk registers and ensure regular risk review and update processes
  • Perform gap analyses against security frameworks and develop remediation roadmaps
  • Create risk-based metrics and KPIs for executive reporting and board communications
Compliance & Audit Management
  • Manage regulatory compliance programs including SOX, PCI-DSS, HIPAA, GDPR, and industry-specific requirements
  • Coordinate internal and external security audits and manage audit finding remediation
  • Develop compliance monitoring programs and automated compliance reporting capabilities
  • Maintain evidence collection and documentation for compliance demonstrations
  • Support vendor risk assessments and third-party security evaluations
Policy & Governance Development
  • Develop comprehensive cybersecurity policies, standards, and procedures aligned with business objectives
  • Establish security governance committees and risk management oversight structures
  • Create security awareness training programs and ensure organization-wide policy compliance
  • Manage policy lifecycle including review, approval, communication, and periodic updates
  • Coordinate cross-functional collaboration for security program implementation

Required Qualifications

Technical Skills
  • 5+ years of experience in cybersecurity governance, risk management, or compliance roles
  • Expert knowledge of NIST Cybersecurity Framework, ISO 27001/27002, CIS Controls, and MITRE ATT&CK
  • Strong understanding of regulatory requirements (SOX, PCI-DSS, HIPAA, GDPR) and compliance methodologies
  • Experience with GRC platforms (ServiceNow GRC, RSA Archer, MetricStream) and risk management tools
  • Knowledge of security control frameworks and security architecture principles
  • Proficiency in risk assessment methodologies and quantitative risk analysis techniques
Governance Skills
  • Proven experience developing and implementing enterprise security governance programs
  • Strong understanding of business continuity, disaster recovery, and crisis management
  • Experience with vendor risk management and third-party security assessments
  • Knowledge of board reporting and executive communication for cybersecurity topics

Preferred Qualifications
  • Bachelor's degree in Cybersecurity, Risk Management, Business Administration, or related field
  • Professional certifications (CISSP, CISA, CRISC, CISM, ISO 27001 Lead Auditor)
  • Experience with cloud compliance frameworks (SOC 2, FedRAMP, CSA CCM)
  • Background in internal audit or external consulting for cybersecurity assessments
  • Knowledge of emerging regulations and privacy frameworks

Published on 2025-11-24
