GRC Engineer (Governance, Risk, and Compliance)

The Revevol Group is a cloud solutions specialist. In the past 10 years it transformed itself from a top Google Workspace reseller and deployment partner into a software editor by creating powerful software products to further help and develop our customers. These products have been funded by the Group’s own profits, and incorporated into subsidiaries AODocs and Talarian, which now generate the majority of the Group’s revenue, in the form of recurring software subscriptions. AODocs is a software company created in 2012 with the mission to transform enterprise documents into controlled, actionable intelligence. Built on top of Google Cloud Platform for scalability, it also provides deep integrations with Google Drive and Microsoft Office. AODocs also brings reliable AI to its customers, by allowing them to automate metadata tagging at scale while ingesting documents and using Al agents in workflow to extract, summarize, review, translate documents at full speed. AODocs is included by Gartner (in its Magic Quadrant) and Forrester (in its Wave) as one of the most innovative players in the content services space. AODocs is used by over 500 large organizations such as Google, Colgate, Air Liquide, Equifax and Veolia to control their sensitive documents and automate critical business processes with use cases ranging from contracts management, quality control, safety management, certifications (FDA, ISO, etc.), HR processes and many more. Talarian is a growing, and profitable software company that is building the future of spreadsheet-driven business applications. Talarian’s latest product is GPT for Work , enabling people to use ChatGPT and other GenAI providers’ models directly from Excel, Google Sheets, Word and Docs. Talarian’s other products include YAMM , Awesome Table , and Form Publisher . They are used and loved by millions and some of the most popular products in the Google Workspace and the Microsoft AppSource marketplaces. We have offices in Paris, Atlanta and Milan as well as people based all over the world (remote work). Our group is over 250 strong, composed of highly motivated and competent people who love to innovate. We work in a very collaborative and transparent manner: key metrics are communicated broadly, on a weekly basis, and decisions are discussed collectively, not behind closed doors. We believe that good ideas can come from anyone, regardless of their formal job role. We are growing quickly, and looking for new talent that will help us reach new heights. Job Description We are looking for an experienced Governance, Risk, and Compliance (GRC) Engineer to join our team. In this role, you will be responsible for developing and maintaining systems and processes to ensure regulatory compliance, manage organizational risks, and protect the integrity and security of our data infrastructure. The ideal candidate will bring a solid technical foundation, comprehensive knowledge of regulatory standards, and strong cross-departmental collaboration skills to advance compliance efforts. Key Responsibilities: Strategic Leadership Collaborate with the CISO to define a multi-year, risk-based security roadmap, including the creation of policies, processes, and guidance documents to ensure effective implementation. Execute the security roadmap autonomously or with support from engineering teams, adapting to project technical requirements in either a delivery or project management role. Develop and implement company-wide security policies and procedures encompassing internal IT, production platforms, facilities, and other areas. Enhance and maintain the risk analysis process and its mitigation strategies. Design and manage a comprehensive reporting framework for security indicators. Operational Excellence Lead the execution of the security roadmap by driving initiatives and coordinating efforts with engineering teams and other stakeholders (e.g., legal, HR, support, customer experience). Oversee vulnerability management, including triage, prioritization, and mitigation follow-up. Conduct vendor security assessments to ensure compliance and provide security approvals during procurement processes. Support the asset management program, including oversight of contractors, accounts, and datasets. Compliance Management Manage SOC 1 and SOC 2 certification renewals and contribute to maintaining and acquiring new certifications (e.g., ISO 27001, ISO 27701). Plan and oversee internal and external compliance audits. Strengthen compliance programs by collaborating cross-functionally to ensure adherence to standards. Work with Sales and Legal teams to monitor the regulatory landscape and address compliance requirements in alignment with market needs. Advocacy and Training Develop and deliver security awareness training programs, promoting best practices across the organization (e.g., onboarding sessions, phishing simulations, developer training). Experience & Expertise A minimum of 5 years of experience in governance and compliance roles, such as Security Engineer, Security Project Manager, or Compliance Officer Deep understanding of the ISO 27000 series certification, ideally with experience in doing the implementation Solid technical foundation in security engineering. Strong team player with a solution-oriented mindset and a proactive attitude. Fluent in English and French

Location: Paris, FR

Posted Date: 1/15/2025