Introduction to the Team & Role
With our increasing numbers of customers (1500+ client companies in 160 countries, 2.5M registered users, 30k daily active users) and increased user requests, the 360Learning security became a major challenge in 2022.
Our Chief Security Officer and our Security Engineer are already working on building the security governance, the process and started conducting our own security audits. But as 360Learning keeps scaling, and plans to obtain security certification by 2023, the Security team needs to grow as well, the addition of a brand new Organizational security auditor is key to our strategy.
Within the security team, with the help of the CISO, you will:
- Adopt a global vision of the information system to be audited
- Define the audit and control plans within the organization
- Conduct periodic security audits, including document reviews, evidence collection, access to security tool consoles and reports, or the use of automated compliance monitoring tools
- Conduct and document security process audits, analyze documentation and evidence, conduct team interviews
- Evaluate the proper application, effectiveness and compliance of the company's security policies and procedures
- Collaborate with Engineering teams to implement recommendations
What you'll do
Within 1 month, you will:
Become a Trello expert through our onboarding processUnderstand our infrastructure and our current security methodologiesMeet the global team through virtual coffee meets and happy hourWithin 3 months, you will:
Have tamed our ISMS tool Conduct your first internal audits to identify security flawsImprove our evidence collection to make audits easier and more efficientWithin 6 months, you will:
Have collected all processes and improved someEstablish a compliance plan to prepare for audits and give visibility to the boardWithin 12 months, you will:
Have a clear visibility on all non compliant process and have given insights to improve themBe ready for an ISO 27001 auditThe Skills Set
Knowledge of governance, norms and standards: mastery of audit methodologiesKnowledge of the information system and architecture principlesMastery of the fundamentals in the main areas of information system securityKnowledge of governance, norms and standards in the field of security: ISO 27001Ability to synthesize and popularize for non-technical audiencesWriting of reports adapted to different levels of interlocutorsfluent English (US/UK) / B2 level or equivalent (FR)Enthusiasm for our working environment explained here: https://bit.ly/Convexity_360L What We Offer
Compensation: Package includes base salary, a variable component and equityBenefits: Work From Home stipend, RTT, lunch vouchers, medical insurance, gym subscription, 1 month parental leave for the second parentBalance: Flexible hours, full remote work possible anywhere in FranceInternational team: Offices in London, New York and ParisCulture: A framework that will make you successful - envision what's it like to join 360Learning from onboarding to ramp-up, and beyond: https://360learning.com/blog/360learner-journey/Interview process
Call with our recruiterDiscovery Meeting with Guillaume, our CISOCase study and its debriefClarification Meeting with Paul, our Security Engineer.Interview with Fabrice, our Engineering DirectorOffer !