🌀 The Company

Filigran, founded in October 2022, stands out in the cybertech ecosystem for its commitment to revolutionizing cyber threat management with a proactive approach. Its mission is to develop innovative open-source solutions designed to anticipate cyber threats, identify security gaps, and strengthen organizational security posture.

Filigran solutions are now trusted by over 6,000 public and private organizations worldwide.

🎯 The Role

We are looking for our first internal security leader: a CISO who will design, build, and run the foundations of Filigran's information security programme.

This is a hands-on, build-from-scratch role. You'll be responsible for defining processes, setting up tools, and preparing the growth of the Security Operations team. You'll establish the Filigran-CERT (F-CERT), ensure our resilience against threats, and hold the formal Data Protection Officer mandate acting as the operational and regulatory gatekeeper: authoritative point of contact for regulators, customers, and internal teams on all matters touching AI, privacy, and security compliance.

You will be working closely with C-suite, executive leadership and regulators, and as the CISO, you will ensure that cybersecurity, cyber resilience and data protection are embedded across technology, business operations and partner ecosystems.

💼 Your Responsibilities

🔐 Build & Lead Security Operations

• Design and implement Filigran's first CSIRT and Security Operations (SecOps) framework.

• Define processes for incident detection, response, containment, and recovery.

• Manage relationships with external Managed SOC providers for hybrid Level 1 monitoring.

🛡️ Incident Response & Crisis Management

• Act as primary incident commander for security events and data breaches.

• Build and maintain incident playbooks and escalation paths.

• Drive post-incident reviews and lessons learned.

• Ensure timely breach notification to supervisory authorities in coordination with the General Counsel.

🧠 Threat Intelligence & Breach & Attack Simulation

• Leverage Filigran's own products (OpenCTI, OpenBAS/OpenAEV) to run advanced threat intelligence analysis and attack simulations.

• Continuously evaluate threats relevant to Filigran and its ecosystem.

• Provide actionable intelligence to leadership and engineering teams.

📋 Regulatory Compliance, Certifications & Audits

• Establish the Filigran-CERT (F-CERT) and position it as the trusted security function for the company.

• Build and maintain an ISMS aligned with ISO 27001, SOC 2, or equivalent standards.

• Lead security certification efforts and manage external audits.

• Own the vendor security assessment process and third-party risk management program.

🔏 DPO — Official Gatekeeper for AI, Privacy & Security

• Hold the formal Data Protection Officer mandate under GDPR, serving as the official point of contact for supervisory authorities (e.g. CNIL).

• Act as the internal gatekeeper ensuring that AI initiatives, data processing activities, and security controls meet applicable regulatory requirements.

• Collaborate closely with the General Counsel to translate legal and policy obligations into operational controls.

• Monitor evolving regulation (GDPR, AI Act, ePrivacy, NIS2) and assess operational impact in coordination with Legal.

• Handle or coordinate responses to data subject requests (DSARs) and regulatory enquiries.

🤝 Team Building

• Act as a player-coach, balancing hands-on work with preparation for team growth.

• Define future roles and responsibilities for SecOps.

• Mentor and onboard new hires as the team scales.

🤝 Who You'll Work With

• Reporting to: Chief Executive Officer

• Close collaboration with: General Counsel, Engineering, Product, IT, Finance, and People teams

• External stakeholders: Supervisory authorities (CNIL and equivalents), external auditors, managed security providers, customers

🧬 Profile We're Looking For

• Proven experience in an information security leadership role (CISO, Head of Security, CSIRT Manager, or equivalent).

• Formal DPO qualification or equivalent experience, solid working knowledge of GDPR and EU data protection law, including AI Act implications.

• Strong background in incident response, forensics, and security monitoring.

• Experience working with managed SOC services in hybrid models.

• Knowledge of threat intelligence practices and frameworks (MITRE ATT&CK, STIX/TAXII), bonus if you've used OpenCTI.

• Familiarity with red teaming, breach & attack simulation (BAS), or security testing.

• Comfortable operating at the intersection of technical security and regulatory compliance, ****without owning the legal function.

• Hands-on mindset: comfortable being the first security leader in a scaling organisation.

• Excellent communication skills with regulators, customers, technical teams, and executives alike.

• Fluency in English required; French is a strong plus.

🌱 Why Join Filigran? More than just a job.

We’re a fast-growing, global, and fully remote company building open-source cybersecurity solutions, increasingly powered by AI, to help defense teams anticipate threats and act faster.

⭐ What we believe

We believe we do work that matters, uniting defenders into a global community to make security more open, resilient & collaborative.

💻 How we work

We do work that matters by combining strong engineering standards with emerging technologies, including AI, to move faster and smarter.

🧭 What guides us

We make our work matter by building a culture grounded in our CORE values of Cohesion, Openness, Responsibility, and Equity. The principles that guide how we make decisions, treat people, and grow together, especially when no one’s watching.

💰 Compensation & Benefits

• Competitive pay + equity - everyone shares in our success

• Remote-first, flexible, and balanced - work that fits your life

• Your setup, your choice - pick the gear that works for you

• Twice-a-year gatherings - we meet in person for regional and global offsites to connect, collaborate, and strengthen our culture beyond the screen

🌍 Equal Employment Opportunity

We enable cybersecurity through inclusion - from code to culture.

At Filigran, we are proud to be an equal opportunity employer. We believe diversity of our people make our products and our team stronger. We welcome talent of every background, identity, and lived experience, regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, age, disability, or veteran status.

What matters here is what you bring, not what you look like, where you’re from, or how you identify.

🚀 Ready to Join Us?

Apply now and help us build the future of the cybersecurity ecosystem, together.