Senior Cybersecurity Compliance and Risk Management Officer

Permanent contract (CDI) - Paris
Join Doctolib as our first Compliance and Risk Management Officer and help us protect the security and privacy of the millions of patients and doctors who use Doctolib.

As our Compliance and Risk Management Officer, you will be a senior member of the security team. You will be Doctolib’s authority on regulatory compliance, due diligence, and security processes and procedures. You will work closely with the security team and all internal teams managing internal and external systems to identify gaps and influence Doctolib’s global security strategy.

We are the guardians of millions of citizens’ health records, and our responsibility is to keep these records safe and private. That’s why we want to build the best team to maintain a state-of-the-art, highly secure and 100% compliant healthcare information system.

As our Cybersecurity Risk and Compliance Manager, you will:
- Manage the processes and technology needed to implement an ISMS and maintain ISO 27001 certification
- Maintain security indicators to continuously evaluate and report on ISMS efficiency
- Provide visibility on risks to key stakeholders
- Manage relationships with relevant information security stakeholders
- Plan and facilitate internal, customer and third-party compliance audits
- Maintain information security policies, procedures and standards
- Assist with information security risk assessments, business continuity planning and disaster recovery planning
- Manage responses to information-security-related questions from current and prospective clients

In this role, communication is key: you will work with multiple departments to retain security interest. You confidently understand and promote risk-based security management to all stakeholders. You are highly collaborative and confident working with everyone in the company (tech & non-tech).

We are looking for someone who has excellent knowledge of information security principles and technical controls. You are autonomous and pragmatic, and you have a structured approach and excellent presentation skills. Most important of all, you are looking for a challenge that will affect millions of people’s lives.

- 5 to 12 years in Cybersecurity
- ISO 27001 Lead Auditor/Implementer qualifications
- Good communication
- Experience delivering compliance programmes
- Managing an ISMS and completing security risk assessments
- Fluent in English and French

We offer you the opportunity to join a growing team of security experts building the future of health technology. 
Apply today to find out more.

We are a team of 1000 amazing people, passionate about a common project. We believe in building user-first products that are pragmatically engineered, secure and reliable. We believe in helping you to learn and grow, and you will get time and budget for self-development: participation in conferences and free time dedicated to preparing talks for meetups and conferences.

We are a team that enjoys spending time together, and you will be invited to DoctoParties, DoctoMonthly Meetings, DoctoBeers, DoctoWeek-ends...

Contract: full-time position
Start: as soon as possible
Location: based at our headquarters in Levallois-Perret (relocation package if needed)
Package: attractive salary depending on profile