We're hiring a Security GRC Engineer to help us build governance, risk and compliance in a way that actually works in a modern tech organization: pragmatic, automation-friendly and aligned with agile delivery.
This is not a paperwork job. You'll partner closely with engineering, product, workplace, auditors and security to turn risk management and compliance into clear, usable guardrails, and you'll challenge processes that create friction without improving security.
What you'll do
Risk management that drives decisions
Run lightweight, continuous risk assessments and threat modeling with teams (not once-a-year rituals).
Translate risk into clear options: impact, likelihood, tradeoffs and recommended actions.
Track remediation plans and provide visibility through simple reporting.
Build practical governance
Maintain and improve security policies/standards so they're short, actionable and adopted.
Create control objectives that fit real engineering workflows (CI/CD, cloud, SaaS, identity).
Compliance without the theater
Support audits and evidence collection with a focus on efficiency and reusability.
Help align our program with recognized frameworks (e.g. NIST) in a pragmatic way.
Develop compliance-as-code habits where possible (automated checks, continuous evidence).
Third-party risk (vendors, partners)
Drive assessments, follow-ups and risk treatment with procurement and stakeholders.
Push for scalable vendor processes (tiering, standard questionnaires, measurable requirements).
Security enablement
Create playbooks, templates and self-service material that teams can use without heavy guidance.
Coach teams to understand risk and make better security choices early in delivery.
Qualifications:
- Experience in GRC / risk / compliance in a tech environment (security, cloud, SaaS, engineering orgs).
- Strong understanding of security fundamentals: identity, access, logging, incident response, cloud shared responsibility, secure SDLC (at a practical level).
- Ability to write simple, clear policies/standards and translate requirements into engineering-friendly controls.
- Comfort with ambiguity and agility: you can iterate, prioritize and deliver incremental improvements.
- Excellent stakeholder skills: you can influence without authority, challenge respectfully and get things done.
Bonus points
- Experience aligning programs to frameworks (NIST CSF, ISO 27001, SOC 2, etc.).
- Experience with vendor risk platforms or automation (workflows, evidence collection, dashboards).
- Familiarity with compliance-as-code concepts, continuous controls monitoring or security tooling.
- Experience partnering with product/engineering teams on secure-by-design practices.
How we work
We value ownership, transparency and pragmatism.
We prefer automation and repeatability over manual processes.
We challenge the old way when it's slow, fragile or meaningless.
We aim to be a security team that teams want to work with.
Additional Information :
SET THE TONE WITH US:
Working at Believe means having individual and collective impact in a fast-growing company!
At all stages of their careers, Believers are an important part of what we are doing: shaping the future of the music industry.
We need teams that truly reflect the diversity of our clients: our international presence is an inspiring and enriching work environment for each one of us, with daily opportunities to connect with our colleagues all over the world.
We have two hearts at Believe - our People and our Artists.
We believe in THE POWER OF OUR PEOPLE who grow every day to develop their potential. We aim to provide our Believers with the best environment to thrive.
ROCK THE JOB
Tailor-made training and coaching program
Remote working policy
A wellness program Pauses with many activities and animations in-house
Access to Eutelmed, a digital mental health and well-being platform that allows you to speak with an experienced psychologist
A healthy and eco-responsible company restaurant
Individual or family health insurance
CSE benefits
A rooftop
A gym with free classes
SING IN HARMONY
Ambassador program: an employee volunteering initiative dedicated to all Believers interested in having a positive impact on Diversity, Equity & Inclusion (DEI), wellbeing and the planet.
Implementation of the sustainable mobility package Forfait mobilité durable > Reimbursement of up to 600 for public transport/low carbon footprint
5 calendar days 2nd parent leave with 100% pay (in addition to the legal paternity or adoption leave)
We are committed to having a workforce that is representative of the community it serves at all levels of the organisation. We therefore welcome applications from all backgrounds and all sections of the community, regardless of age, disability, gender, race, religion and sexual orientation.
Remote Work :
No
Employment Type :
Full-time