Security Engineer

Location: Paris Department: Tech Employment Type: Permanent Work Arrangement: Hybrid (on-site position with up to 2 days per week remote work) Company Mission and Product:

• Product-first team focused on growing cybersecurity culture.
• Platform delivers chat-based 4-minute courses to employees for cybersecurity awareness.
• Simulates phishing attacks to prepare employees in a safe environment.
• Founded in 2020, raised $45M from investors including Y Combinator, Left Lane, Base10, Funders Club, and Frst Capital.
• Protects over 2 million employees in 2,000+ companies worldwide (e.g., Intercom, Deel, Deezer).

What you will do 🤝

• Build and maintain Governance, Risk Management, and Compliance (GRC) framework: policies, procedures, risk registers, controls.
• Conduct risk assessments, vendor security reviews, internal audits.
• Prepare organization for external audits and certifications (SOC 2, ISO 27001, ACN), including evidence collection and remediation tracking.
• Provide guidance and awareness on security and compliance best practices to teams.
• Additional security technical projects as needed based on company growth.

Who you are 🪪

• Experience: 1-4 years in security engineering or consulting.
• Familiarity with SOC 2, ISO 27001, risk assessment methodologies.
• Hands-on experience with bug bounty programs, vulnerability management, security questionnaires.
• Strong communication skills; ability to collaborate with engineering and cross-functional teams.
• Full professional proficiency in English; native French speaker.
• Based in Paris or willing to relocate.

It will be a cultural fit if 🫂

• You are a doer: willing to get hands dirty and get things done.
• You have high standards: expect top performance.
• You are enthusiastic: passionate and excited about your work.

Why join us at Riot 💜

• Financially healthy company with strong capital efficiency; fundraising supports scaling and growth opportunities.
• Fast-growing startup with strong vision and ambitious goals; tripled revenue over past two years; aiming for €40M ARR by 2026 (from €20M).
• Collaborative team environment in modern cozy office located in the heart of Paris: République / Canal Saint-Martin.

Recruitment process 🎙️

1. First call with Tech Talent Acquisition Manager or Security Engineer (30 min)
2. Second call with Security Engineer (30 min)
3. Onsite case study with CTO & Security Engineer (90 min)
4. Culture Fit interview

Additional notes:

• Position is on-site with up to two days remote work per week allowed.

Diversity & Inclusion Statement: Riot values diversity as a driver of innovation and inclusion as fostering belonging; committed to building a diverse team reflecting wide perspectives and backgrounds; welcomes candidates from all walks of life. Use of AI in Hiring Process: AI tools may be used for note-taking and interview review but final hiring decisions are made by humans.