Bloomflow is the innovation management platform for impact-driven organisations. As a SaaS platform dedicated to enterprise customers, security is at the heart of our business and our value proposition is directly related to our ability to protect the integrity of personal and sensitive data owned by our clients and users. That’s why we will complete our ISO 27001 and 27701 certification process in early 2023..

To maintain momentum and continuous improvement, Bloomflow is recruiting a Security and Privacy Compliance Analyst to support our mission to provide a secure platform to our clients. This vital role to our company’s success will report directly to the cofounder & CISO, with a position that works across all aspects of our organisation, product and technology stack.

Your main mission will be to manage and build Bloomflow’s accreditation and certification roadmap, while supporting our prospect and client requests.

Main roles and responsibilities

• Develop and implement security and compliance policies and procedures aligned with Bloomflow’s risks and business requirements

• Monitor adherence with applicable regulations and laws (e.g. ISO27001à, GDPR etc.)

• Manage security incidents and investigations

• Ensure proper security controls are in place for company systems and data

• Educate employees on security and compliance matters

• Coordinate and track audit activities, internal and external, as required

• Act as the primary contact to support prospect and client queries and proposal support for privacy and security requests, maintaining our bid proposal library

• Design and implement along the CISO and the DPO an appropriate security and privacy culture and awareness program across

• Keep up-to-date with the latest security and privacy trends and regulations

What we offer

• Ability to learn and progress on key topics such as security management, GDPR etc.

• Ownership & responsibility from day one

• Regular work sessions and feedback sessions with our top management

• An agile, ambitious, and very helpful team with a flat hierarchy

• Regular team events

• Great work ethics and a top working environment in the heart of Paris

Preferred experience

• Proven project management and coordination capabilities with the ability to motivate and progress key stakeholder deliverables
• Ability to write process and procedure documents
• Must be fluent in French and English with strong oral and written skills
• Strong interpersonal skills with ability to balance security against business and technical needs.
• Positive, problem-solving and high-energy attitude required to interact with clients, vendors, colleagues
• 2-3 years of working experience in IT
• [BONUS] Practical knowledge designing and implementing ISO 27001 and/or ISO27701 / GDPR in an international technical environment is a strong plus
• [BONUS] Knowdledge and willingness to work also on CSR compliance topics like B-Corp certification

• First call with the cofounder & CISO
• On-site Interview with our cofounder & CISO
• Skill test: home assignment with face-to-face debriefing
• On-site Interview with key stakeholders
• Meet the Team in an informal talk
• Reference checks