Tryriot3mo ago

Security Engineer

Paris,ParisPermanentmid

EngineeringSecuritySecurity EngineerCybersecurity

5 views0 saves0 applied

Apply Now

Quick Summary

Overview

We're a product-first team on a mission to help grow the cybersecurity culture 🔐 We want to instill cybersecurity good practices to employees in a way that's actually effective, and entertaining enough so that employees don't feel like they're working. Think Duolingo but for cybersecurity.

Technical Tools

cybersecurity

We're a product-first team on a mission to help grow the cybersecurity culture 🔐

We want to instill cybersecurity good practices to employees in a way that's actually effective, and entertaining enough so that employees don't feel like they're working. Think Duolingo but for cybersecurity.

We created a platform to easily rollout a cybersecurity awareness program: the platform sends chat-based 4-minutes long courses to teams. Following the courses, the other side of the platform simulates phishing attacks, to prepare employees to face hackers, but in a safe environment.

Created in 2020, Riot has raised $45m with leading investors (Y Combinator, Left Lane, Base10, Funders Club and Frst Capital) and is now protecting more than 2 millions employees in over 2,000 companies (including Intercom, Deel, and Deezer) all over the world.

Cybersecurity is everywhere. It's impacting everyone, everyday, and it's becoming the number one risk to any organization, whether it's a small business or a big firm. Yet, the cybersecurity culture in most companies is a disaster. Hackers are leveraging this by targeting the weakest link: the employees. We're on a mission to fix that.

As the second security member in our organization, you will help us reach the next milestone in our security governance strategy, risk management and compliance requirements.

As Riot is aiming to be ISO 27001 and ACN certified in 2026, you will play a crucial role in our compliance strategy and making security a business accelerator.

- Build and maintain our GRC framework, including policies, procedures, risk registers, and controls.

- Conduct risk assessments, vendor security reviews, and internal audits.

- Prepare the organization for external audits and certifications (SOC 2, ISO 27001, ACN…), including evidence collection and remediation tracking.

- Provide guidance and awareness to teams on security and compliance best practices.

- Additional security technical projects may be added depending on company needs and growth.

- Experience: 1-4 years experience in security engineering or consulting.

- Familiarity with SOC 2, ISO 27001, and risk assessment methodologies.

- You have hands-on experience with bug bounty programs, vulnerability management, security questionnaires…

- You have strong communication skills and the ability to work collaboratively with engineering and cross-functional teams.

- You have a full professional proficiency in English and native in French.

- You're based in Paris or you're willing to relocate.

You're a doer: not afraid to get your hands dirty and get things done.

You have high standards: expect performance to be nothing short of the best.

You are an enthusiastic at heart: exhibit passion and excitement over work.

Join a financially-healthy company: we're financially strong and highly capital-efficient. Fundraising fuels our momentum, enabling us to scale faster and unlock new growth opportunities.

Contribute to a fast-growing startup with a strong vision and high ambitions, backed by clear business goals. We've tripled our revenue over the past two years, and we plan to grow from €20M to €40M ARR in 2026.

Experience the energy of a collaborative team in our modern and cosy office located in heart of Paris: République / Canal Saint-Martin

- First call with our Tech Talent Acquisition Manager or our Security Engineer (30min)

- Second call with our Security Engineer (30min)

- Onsite case study with the CTO & Security Engineer (90min)

- Culture Fit interview

Please note that this is an on-site position with up to 2 days per week of remote work.