OUR STORY:

🇪🇺 Join Scaleway and shape the sovereign cloud of tomorrow !

Since 1999, we have been designing secure, sustainable infrastructures aimed at supporting the most ambitious companies.

Historically known for our dedicated servers (Dedibox), we made a strategic shift to cloud computing in 2015. Staying true to our principles of simplicity, flexibility, and technical excellence, we have become one of the leading players in Europe in the sector.

With the rise of artificial intelligence, we have strengthened our commitment, supported by the Iliad Group, which is investing €3 billion to develop a serious, sovereign AI alternative to American and Asian giants.

Every day, thanks to our rich catalog of products and services (bare metal, containerization, serverless, AI, etc.), Scaleway proudly serves 38,000 private and public sector clients, from Photoroom to Mistral AI, Golem AI, and ADEME.

📍 Our offices are located in Paris, Lille, Toulouse, Bordeaux, Rouen, Rennes and Lyon.

WHY WE NEED YOU ?

Our growth is driving us to strengthen our GRC department. This key role is essential in strengthening our cybersecurity posture by ensuring our practices align with the best standards, regulations, and technological developments.

This role has three main focuses:

- You will actively contribute to the implementation and maintenance of security controls driven by the security policies, standards, etc., defined by the rest of the GRC team, as well as the associated tooling.

- You will be the interface with business teams for integrating security into their projects and responding to various questions, including those from clients (security questionnaires).

- You will work closely with the Engineering team on Application Security and Secure SDLC topics, in collaboration with the SOC-CSIRT team.

YOUR FUTURE TEAM : 

We work in a collaborative and international environment where the diversity of Scalers, combined with a spirit of sharing, helps bring new projects to life every day, advancing our ambitions together.

You will be part of a team of 4 people and you will report directly to the Head Of Cyber Governance Risk & Compliance.

YOUR DAILY ROUTINE :

- Implementation and Maintenance of Security Controls

- Set up and manage cybersecurity awareness programs (including phishing simulations), and develop training materials for all employees.

- Draft and maintain technical security documentation, provide technical support for compliance projects (ISO 27001, HDS, SecNumCloud), and assist with certification audits.

- Advise, support, and validate projects in terms of security (Security by Design), including risk identification, third-party security validation, and architecture validation.

- Maintain and enhance our Trust Center (online documentation platform) with certifications, audit reports, and other relevant information.

- Provide accurate and tailored information and participate in meetings with clients who have questions about our security and compliance posture.

- Define and implement the S-SDLC strategy, in collaboration with the CIO, Engineering, and SOC-CSIRT to ensure consistent integration of security into development processes.

- Identify key controls to be implemented (SAST, secret detection, etc.) and define an improvement plan.

- Define related processes, aligned with existing ones (CI/CD, vulnerability management, product release, etc.).

- Configure tools to address the above points (RIOT, Safebase, etc.).

ABOUT YOU : 

SOFTSKILLS : 

- Proven analytical and synthesis skills

- Rigor, organization, and attention to detail

- Excellent oral and written communication skills in both French and English

- Autonomy, proactiveness, and team spirit

- Ability to interact with various stakeholders (technical, business, executives, clients)

💻 HARDSKILLS : 

- 3 to 5 years minimum in cybersecurity, ideally in Security Engineering, Application Security and/or Audit roles.

- Knowledge of security architectures (networks, OS, applications, cloud)

- Understanding of IaaS, PaaS, and cloud environments

- Knowledge of integrating security into projects

- Knowledge in Application Security (OWASP Top 10) and associated controls (SAST, DAST, dependency checks, etc.)

- Familiarity with cybersecurity frameworks (ISO 2700x, NIST, CIS Controls)

- Understanding of certification requirements like HDS and SecNumCloud

- Familiarity with risk management methodologies (EBIOS RM)

- Understanding of key regulations (GDPR, NIS 2, LPM, etc.)

WHAT YOU WILL FIND AT SCALEWAY ++++

Hybrid work: We offer up to 3 days of remote work per week.

Offices: Our offices are spacious, dynamic workspaces with bold design, conveniently located near public transport. Most of our offices feature outdoor spaces (terraces) and bike parking facilities.

Dining: Our chef provides a healthy meal service at the headquarters, and breakfast is available across all our sites year-round. Scalers working from regional sites enjoy a Swile card for lunches.

Well-being commitments: Whether it’s access to a gym, daycare places, or discounted services for caring services, Scaleway is committed to supporting Scalers in maintaining a balanced life.

International environment: With dozens of nationalities, Scaleway offers a stimulating environment where English is as widely spoken as French. 

Career & Mobility: Our managers value internal mobility, and opportunities to transition to other entities within the Iliad Group are accessible to all Scalers.

🚀Why join the Scaleway adventure ? 

✔ A rich and diverse product offering: Scaleway offers over 100 public cloud products in IaaS, PaaS, and AI.

✔ A cutting-edge technical environment: Scaleway provides modern infrastructures, including high-performance bare metal servers, to tackle exciting technical challenges.

✔ Commitment to responsible cloud: Scaleway is dedicated to a more responsible cloud, with data centers powered solely by renewable energy since 2017, minimizing our ecological footprint and holding top-level certification.

🔜 THE NEXT STEPS …

Discovery call with a recruiter (30 min)

Interview with the manager to understand your technical skills and approach to the role (45 min)

Use Case interview to validate your expertise (1h)

Interview with the Director of SI, IT et GRC to deepen your discussions (45 min)

At Scaleway, we are committed to building an inclusive and respectful workplace where everyone has a fair opportunity to thrive.

All applications are considered with care, regardless of age, gender, sexual orientation, ethnic or social background, religion, disability, or any other characteristic.

We believe great ideas come from everywhere, and everyone which is why you should definitely apply.