Créé en 2014, Ledger est le leader mondial des solutions de sécurité et d’infrastructure pour les cryptomonnaies et les applications blockchain avec plus de 1.6 millions d’utilisateurs dans 165 pays. Ledger allie des expertises hardware et software afin de sécuriser des milliards de dollars sur plus de 30 cryptomonnaies.
Ledger conçoit les solutions les plus fiables et les plus simples d’utilisation : notre équipe R&D a créé un Operating System dont l’ouverture et la flexibilité permet à l’utilisateur de reprendre le contrôle de sa vie digitale. Nous intégrons cet OS sur carte à puce (Secure Element) et HSM (Hardware Security Modules).
En sécurisant l’ensemble de la blockchain, Ledger veut être un acteur majeur de la 4ème révolution industrielle.
Leurs équipes sont situées à Paris, Vierzon, Hong Kong et New York.
Chez Ledger, ils font un PACTE avec leurs collaborateurs. Cela signifie qu'ils incarnent les valeurs qui font leur unicité : le Pragmatisme, l’Audace, la Confiance, la Transparence et l’Engagement.
Reporting directly to the Chief Information Security Officer (CISO), the Head of IT (Cyber) Security Operations and Engineering will be an innovative, experienced, self-driven manager/leader in the cyber security space that will be able to educate, provide guidance, and help drive information security initiatives and standards throughout the company.
This individual will be an enabler and a strong partner for various departments (Platform, Networks, DonJon, Legal, etc.) and teams. The candidate must also possess a strong hands-on technical- and security- practitioner background and the ability to effectively work with technical staff, understand governance, risk mitigation, and technical controls.
As the Head of IT (Cyber) Security Operations and Engineering team, this individual will establish and drive effective processes, technical security standards, and appropriate partnership among teams. This role will be in charge of the day to day management and execution of detailed security operations and technical control sets - a strong technical background will be required to ensure success of the role and technical nature of the interactions with other supporting teams (network, platform, developer communities, etc)
ResponsabilitiesDevelop, establish, and manage the execution of the strategy for the Information Security Operations and Engineering functionRecruit and manage the IT (Cyber) Security Operations team and the IT (Cyber) Engineering team Direct, oversee and manage Information Security Operations and Engineering activities, including creation of security artifacts that reflect and sustain business, operational, technical, and compliance objectivesDevelopment and maintenance of Cyber Security roadmap, technology / tooling selection, implementation, maintenance, configuration, operation - end to end lifecycleWork with Engineering and Operations teams to secure production environments, and implement systems to monitor and maintain the security of our products in development and productionEstablish a regular program to review subsidiary environments to ensure security standards are in force and are effectiveThe timely review of threat and vulnerability reports and the creation of processes and action plans to address risks identified by themLog management review activitiesRegular vulnerability scans of systems across the organization and collaborate with departments to ensure systems are remediated and/or security controls set in placeContribute to the annual review and update of the Disaster Recovery and Business Continuity PlanEnsure compliance of the Information Security and Risk Management program with all Regulatory, Contractual, Association, and Client requirementsConduct presentations to and collaborate with company stakeholders to raise awareness of security risk and drive outcomes to improve security posture Work with Executive Management to determine acceptable levels of risk for the companyWork with outside partners or consultants as required to meet independent security audit needs; manage outside security partners, stakeholders, vendors, and solutions providers working on security implementationsSupport compliance efforts, client audit responses (for IT and Security items) and other compliance requirementsAssist the Information Security team with developing and building a forward-thinking, preventative Information Security Program across all disciplinesMaintain awareness of Information Security industry trends, evaluate solutions and techniques, and remain aware of new and emerging threatsOther duties as assigned
Qualifications / RequirementBachelor's degree in related field or equivalent combination of experience and educationCISSP, CISM, or other equivalent security certification is a plus10+ years of technology experience with a minimum of seven years specifically focused in the area of Cyber SecurityDemonstrated leadership abilities with team-oriented interpersonal skills; ability to effectively interface with a broad range of people and rolesRecent experience with engineering, implementing & managing Information Security controls in SasS environments preferredProgressive experience in Information Security management including, managing Information Security team staffing, contracting, budgeting, vendors, and security programs and projectsHands-on technical experience with Physical Security Systems, Telecommunications and Networks, Security Solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), Employee Security Training, Access Control Systems, Cryptography, and Secure SDLC Methodologies Working knowledge of modern software development practices, such as SDLC, Agile, SAFe, etc.Working knowledge of common information security management frameworks, such as, PCI, ISO/IEC 27001, and NIST CSFWorking knowledge of state and federal information security, compliance, and privacy procedures such as GDPR and CCPA securities policies Understanding of rules and laws governing public companies, including GLBA and SOXAbility to interpret state and federal laws, company guidelines, and regulatory rules to determine how they apply to the companyExperience performing multifaceted projects in conjunction with routine operational and support activities
BenefitsCompetitive compensation package and ESOP according to the Company policyFlexible working hours, remote-friendly environmentStrong focus on personal development including internal/external trainings and attendance to conferencesInternal talks, technical meetups and HackathonsHigh performance office equipmentComprehensive health insurance policy offering extensive medical, dental and vision care coverageMeal Vouchers with Swile (ex Lunchr)Annual company outing for Ledgerdary Days plus infrequent parties, snacks and drinksEmployee discount on Ledger products
Ledger guarantees equal opportunity for all during the recruitment process, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age
- Contract Type:Full-Time
- Location:Paris, France (75002)