Compliance Officer

We are the #1 Enterprise Data Security Platform for Salesforce Odaseva is the only platform built specifically to help the world's largest and most ambitious Salesforce customers keep their data secured, compliant, and agile. We are backed by Salesforce Ventures and are proudly one of the top 5% of ISV partners in the Salesforce ecosystem. Fortune 500 companies like Schneider Electric, Toyota, Heineken, John Hancock, and non-profits trust Odaseva with their most complex data management challenges. More than 90 million Salesforce users rely on Odaseva.   In a world of data breaches and ransomware attacks, Odaseva is on the front lines of developing powerful tools to help companies protect their customers' data against attacks, comply with data privacy regulations like GDPR, and give their DevOps teams the tools to manage data at every step of the application cycle management process   It's a great time to join us! When you join Odaseva, you’ll work alongside some of the most accomplished people in the Salesforce ecosystem.

You Role:  Odaseva is looking for a Compliance Officer to join a team of skilled professionals. You will be based in Paris and report directly to our CISO. 

Your responsibilities will include:

• Maintain the information security management system (ISMS)
• Maintain ISO 27001 and SOC2 compliance
• Implement / maintain security compliance frameworks, either by industry vertical (TISAX, HITRUST, PCI, etc.) or regional requirements (IRAP, FedRAMP)
• Map internal controls to compliance, contractual or risk driven requirements ● Identify and work with auditing firms, collect evidences to present to auditors and customers
• Ensure technical implementation and business processes are aligned ● Participate in the creation, review and update of information security policies ● Maintain the quality management system and internal auditing
• Provide technical advice, recommendations and consultancy on product architecture, infrastructure and processes
• Provide or assist with implementation documentation
• Ongoing project management

You will bring:

• 5+ years experience in a Security Consultant position
• Masters in Information System Security or other Computer Science field
• Deep understanding of security risk management methods (ebios, mehari, etc.)
• Ability to align information security policies with business requirements
• Flair for translating information security requirements into IT security controls and measures
• Attention to detail, rigor
• Excellent communication skills – both written and verbal
• Project management skills and an ability to translate business requirements into technical IT security deliverables
• Strong knowledge of risk management
• Certifications like ISO27001, ISO27005 would be strongly appreciated