Security Administrator administering information security systems and compliance obligations at RBNZ. Collaborating in a supportive team to achieve business objectives and maintain security controls.
About the role
- Senior Security & Compliance Project Manager driving key initiatives across Criteo. Expertise in compliance standards and managing risks within security frameworks.
Responsibilities
- Drive key security and compliance initiatives across Criteo.
- Identify and qualify risks, define priorities, align stakeholders, and ensure consistent execution — from vision to delivery.
- Own topics such as writing standards/policies, risk management, third party risk management, ISO27001, SOC2, SOX and other team initiatives.
- Manage risks.
- Define and structure security compliance projects (ISO27001, SOC2, NIST, internal control plans…).
- Turn strategy into actionable roadmaps and clear milestones.
- Lead end-to-end project delivery across multiple teams (Security, Engineering, Infrastructure, Physical Sites, Legal, etc.).
- Facilitate and energize collaborative workshops and steering committees.
- Be a trusted partner for technical teams and bridge the gap between compliance and engineering.
- Coordinate audit activities, from preparation to closure (internal and external).
- Review technical designs to ensure alignment with security best practices.
- Drive the security audit lifecycle and lead major security audits and assessments (SOC2, ISO27001, NIST…).
- Drive evidence collection in collaboration with all involved stakeholders.
- Orchestrate and follow-up the remediation of findings.
- Participate in SOX legal audit, third party risk management, clients security questionnaires, and due diligence.
- Support the creation of clear, structured, and actionable security documentation (policies, standards…).
- Write security GRC documentation (Information security policies, Technical security standards using technical knowledge).
Requirements
- Master’s degree in Information Security, Computer Science, or a related field.
- 4-6 years of relevant experience.
- Additional certifications in security governance or compliance frameworks (e.g., ISO27001 Lead Auditor/Implementer, CISA, CISSP, or similar) are highly valued.
- Continuous professional development in areas such as risk management, audit methodologies, and regulatory compliance.
- You have experience in security GRC, compliance, or risk management.
- You are used to working with engineering teams, and you have a passion for it.
- You understand the basics of authentication, encryption, access control, threat modeling, etc., and you know how to talk to engineers.
- You know how to structure and lead complex, multi-team projects in a fast-paced, agile environment.
Benefits
- Annual Leave in number of 20 allotted to all employees beginning of every calendar year.
- Sick Leave in number of 12 is allotted effective DOJ and beginning of ever calendar year.
- Other Leaves-Maternity Leave & Paternity Leaves, Birthday Leave Entitlement
- Dedicated L&D Budget for all Teams to upskill & get certified
- All employees are entitled for Group Personal Accident Cover & Life Cover Insurance.
- Insurance coverage for the entire family (Employee + up to 7 dependents - Self, Spouse, up to 4 children, and Parents)
- Monthly Cross Team Lunch
- Rewards and Recognition program-Employee of the month, Star Performer, Tenure Celebration & many more
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Security Business Architect role enhancing administration at Desjardins Group, a leading financial cooperative in North America.
Security Officer responsible for maintaining a secure environment at healthcare facilities. Patrols, responds to emergencies, and supports safety measures for staff and visitors.
Site Security Officer supporting security operations at Saab Surveillance in Sweden. Managing risk analyses, security at events, and providing expertise on security projects.
Information Security Specialist responsible for protecting systems and data at Ituran. Collaborating with teams and ensuring compliance with security measures and regulations.
Senior Cloud & Information Security Engineer responsible for EC Markets' technical security posture. Designing and operating secure systems while ensuring regulatory compliance and cloud infrastructure security.
Product Security Engineer focusing on ensuring software resilience against attacks during development phases. Collaborating with DevOps and Engineering teams to enhance security protocols.
IT audit specialist responsible for executing technology and cybersecurity audits at an international bank in Zurich. Collaborating with top management to enhance internal controls and efficiencies.
IT Systemadministrator focusing on Sophos Security at bauXpert GmbH. Responsible for IT infrastructure management and support tasks in a hybrid environment.
Cyber Security Specialist designing and implementing security controls for Squarcle clients. Supporting compliance with regulations and best practices in a digital environment.