Senior Consultant in IT Security guiding clients through IT projects and security strategies. Analyzing vulnerabilities and leading project tasks while ensuring quality and timely delivery.
About the role
- Senior Security & Compliance Project Manager driving key initiatives across Criteo. Expertise in compliance standards and managing risks within security frameworks.
Responsibilities
- Drive key security and compliance initiatives across Criteo.
- Identify and qualify risks, define priorities, align stakeholders, and ensure consistent execution — from vision to delivery.
- Own topics such as writing standards/policies, risk management, third party risk management, ISO27001, SOC2, SOX and other team initiatives.
- Manage risks.
- Define and structure security compliance projects (ISO27001, SOC2, NIST, internal control plans…).
- Turn strategy into actionable roadmaps and clear milestones.
- Lead end-to-end project delivery across multiple teams (Security, Engineering, Infrastructure, Physical Sites, Legal, etc.).
- Facilitate and energize collaborative workshops and steering committees.
- Be a trusted partner for technical teams and bridge the gap between compliance and engineering.
- Coordinate audit activities, from preparation to closure (internal and external).
- Review technical designs to ensure alignment with security best practices.
- Drive the security audit lifecycle and lead major security audits and assessments (SOC2, ISO27001, NIST…).
- Drive evidence collection in collaboration with all involved stakeholders.
- Orchestrate and follow-up the remediation of findings.
- Participate in SOX legal audit, third party risk management, clients security questionnaires, and due diligence.
- Support the creation of clear, structured, and actionable security documentation (policies, standards…).
- Write security GRC documentation (Information security policies, Technical security standards using technical knowledge).
Requirements
- Master’s degree in Information Security, Computer Science, or a related field.
- 4-6 years of relevant experience.
- Additional certifications in security governance or compliance frameworks (e.g., ISO27001 Lead Auditor/Implementer, CISA, CISSP, or similar) are highly valued.
- Continuous professional development in areas such as risk management, audit methodologies, and regulatory compliance.
- You have experience in security GRC, compliance, or risk management.
- You are used to working with engineering teams, and you have a passion for it.
- You understand the basics of authentication, encryption, access control, threat modeling, etc., and you know how to talk to engineers.
- You know how to structure and lead complex, multi-team projects in a fast-paced, agile environment.
Benefits
- Annual Leave in number of 20 allotted to all employees beginning of every calendar year.
- Sick Leave in number of 12 is allotted effective DOJ and beginning of ever calendar year.
- Other Leaves-Maternity Leave & Paternity Leaves, Birthday Leave Entitlement
- Dedicated L&D Budget for all Teams to upskill & get certified
- All employees are entitled for Group Personal Accident Cover & Life Cover Insurance.
- Insurance coverage for the entire family (Employee + up to 7 dependents - Self, Spouse, up to 4 children, and Parents)
- Monthly Cross Team Lunch
- Rewards and Recognition program-Employee of the month, Star Performer, Tenure Celebration & many more
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
AI Security Engineer securing AI - driven applications at a rapidly expanding tech company. Focus on mitigating risks across the AI lifecycle with a talented team.
Sr. Product Manager leading vision and strategy for Smartsheet's security offerings. Managing enterprise security products while ensuring compliance and driving product adoption.
Senior penetration tester responsible for advanced security testing in various sectors at Combitech. Collaborating with a team of experts, focusing on real threat simulations and enhancing security measures.
Physical Security Specialist managing corporate security operations for a global media company in South Korea. Leading security projects, vendor management, and cross - functional collaboration.
Security Engineer enhancing security capabilities for organizations through automation and collaboration. Building secure services and infrastructure in a dynamic engineering environment.
Senior Cloud Security Architect designing and implementing secure architectures across hybrid and multi - cloud environments. Collaborating with teams to drive security strategies aligned with business objectives.
Drive implementation of security controls across all organization including client facing environments. Senior role working cross - functionally with teams to promote security best practices.
Network Security Engineer securing cloud and AI technologies at Marvell, designing robust security strategies and managing security operations in a global environment.
IT Security/System Administrator maintaining and optimizing IT infrastructure for health care organization. Responsible for security controls, system performance, and user support.