The Sr. Security Compliance Engineer is a vital strategic role for Criteo and our security vision. The role will report to the company CISO and traverse our technical and product functions with a focus on building our accreditation and certification roadmap. The role’s objective is to design and implement effective security controls to emphasize ‘Trust’ to our clients in Criteo innovative approach to building security and privacy compliance at scale. You’ll work with a fantastic international security team, and with one of the leading innovative tech companies in the world.
Act as primary point of contact & program lead on SOX risk management activities across supporting technical departments, liaising between technical teams to run quarterly/yearly reviews, proactively and reactively to mitigate deficiencies and optimize controls and compliance lifecycle management
Maintain and support security/control lifecycle to evolve and meet new accreditation and certification requirements in support of Criteo’s overall data security risk management and security branding
Act as the key focal point across Criteo ERM, GRC and Security Risk Management stakeholders to align SOX risk management and security assurance to support strategic objectives and security metric reporting in coordination with overall Security Team products/services
Support Security Governance and risk management processes across Criteo and with peer Security
Leads for overall protection of Criteo data assets against security risks, include policy and standards documentation
Manage Security Compliance staff to meet company security roadmap objectives and strategy
Manage Criteo’s security prospect to order process and pipeline to effectively support strategic growth and aligned to the company product and security’s roadmap activities
Provide security expertise and know-how to the company, global sales and Security Privacy champions
Support automation and development of key bid and security assessment application, continuous improving content and branding of Criteo security controls and capabilities
Maintain and build Criteo security content on Confluence and supporting company applications to educate and support sales RFP and security questionnaire activities
5+ years' experience or equivalent maintaining security assurance or certifications working within or leading such role in a global technology organization
Practical knowledge and experience designing, building, and sustaining ISO 27001, SOC2/3, and/or maintaining independently audited publicly listed US companies to SOX control frameworks
Great team worker with a positive attitude towards stakeholders and colleagues, with strong leadership competence and know-how
Ability to work autonomously, independently in an agile fast paced environment
Technical skills, inclusive of hands-on security expertise or practical knowledge gained within an agile cloud-based global company that emphasizes secdev/dev methodology aligned to automating orchestrated security solutions at scale
Excellent level of English (written and spoken)
Awesome problem-solving and collaboration skills and perspective with a willingness to learn, constant curiosity, and drive to build and support a world-class security system
Good ad-tech or digital/tech industry and marketing knowledge would be an asset
Criteo is the global technology company powering the world’s marketers with trusted and impactful advertising. 2,800 Criteo team members partner with over 20,000 customers and thousands of publishers around the globe to deliver effective advertising across all channels, by applying advanced machine learning to unparalleled data sets. Criteo empowers companies of all sizes with the technology they need to better know and serve their customers.
Check below to see all of the open Criteo jobs organised by team.
People & Places (5)
Product & Design (2)