
Responsable Conformité et Sécurité opérationnelle F/H
Hybrid
Val De Livre, France
Full Time
16-04-2025
Job Specifications
Description du poste
Intitulé du poste
Responsable Conformité et Sécurité opérationnelle F/H
Contrat
CDI
Temps de travail
Temps complet
Télétravail
Hybride
Description de la mission
Fort de son expertise et de son expérience dans la lutte de contre la fraude à l’identité dans le monde numérique, Docaposte, acteur de la confiance numérique, opère depuis plusieurs années des solutions certifiées autour de l’identité numérique (identification, authentification signature…). Docaposte a fait certifier ces solutions au niveau européen (eIDAS, ETSI…) et national (PVID) afin d’apporter le niveau de garantie maximum aux utilisateurs et à ses clients.
Docaposte répond ainsi aux besoins grandissant des entreprises et administrations publiques de plus en plus exposées à la fraude, dont les moyens techniques se développent de manière exponentielle. Les solutions de confiance Docaposte certifiées permettent à ces acteurs de renforcer leur sécurité contre ces attaques, tout en se conformant la règlementation qui impose à un nombre croissant de service en ligne à avoir au recours à une solution certifiée dès lors qu’une preuve d’identité est nécessaire.
Votre rôle en tant que Responsable Conformité et Sécurité sera de garantir la sécurité et la bonne conformité des solutions de vérification d’identité (PVID principalement) au regard des menaces existantes et potentielles, tant sur le système en production que sur les évolutions qui sont envisagées. Vous serez l’interlocuteur clé sur ces sujets en interne et en externe, et collaborerez avec équipes et services adhérents tels que l’équipe technique, juridique, cybersécurité et produit.
Vous interviendrez sur les services de vérification d’identité de la BU « Digital Identity and Services », et serez rattaché directement la direction de l’activité. De plus vous contribuerez activement à la stratégie et la feuille de route cybersécurité de Docaposte sous la responsabilité de la Direction cybersécurité de Docaposte.
Vos Missions Principales S'articuleront Dans Les Domaines Suivants
Gouvernance
Définir et animer les instances de pilotage de gouvernance de la cybersécurité
S’assurer de l’application des politiques de sécurité
Assurer le reporting des indicateurs
Gestion des risques liés à la cybersécurité et la lutte contre la fraude
Décliner la méthodologie de cartographie des risques de la Direction Audit, Risques et Contrôle Interne
Mettre en place des dispositifs de prévention et de détection des fraudes.
Réagir aux incidents de sécurité, piloter leur remédiation et animer les réunions de crise.
Audit, conformité et veille technologique
Réaliser des contrôles internes
Piloter les audits nécessaires pour maintenir et garantir la solution à un haut niveau de sécurité (PVID, eIDAS, NIS 2, DORA et aux exigences qui y sont liées)
Piloter la mise en œuvre des plans d’action relatifs au traitement des non-conformités
Sensibilisation et accompagnement
Former et sensibiliser les équipes aux bonnes pratiques
Assurer un rôle de conseil et d’approbateur auprès des équipes sur les évolutions du service
Ces missions ne sont pas exhaustives.
Votre nouvel environnement
Socle Social
Avantages financiers: ticket restaurant et participation employeur RIE, participation à 67% au frais de transport en commun.
Bien-être / santé: mutuelle, CE, évènements d'entreprise réguliers sur site, politique de télétravail, salle de sieste, ping-pong, baby foot, salle de sport, conciergerie, ostéopathe...
Nous vous accompagnons
Un programme de formation et d'accompagnement est prévu en fonction de vos compétences précédemment acquises et de votre expérience.
Localisation du poste
Localisation du poste
Ile-de-France, Val de Marne (94)
Lieu
Ivry-sur-Seine
Critères candidat
Niveau d'études min. requis
Bac+5
Niveau d'expérience min. requis
6 ans et plus
Langues
Anglais (Moyen)
Profil : Pour l’égalité des chances, Docaposte fait vivre la diversité. Nos postes sont ouverts à tous.
Votre expérience en tant que RSSI, responsable Conformité ou Sécurité opérationnelle, ou poste similaire vous a conféré une solide expertise en matière de fraude et de cybersécurité.
L'exercice de ces fonctions au sein d'un service de confiance certifiés sera très apprécié.
Vous êtes issu d'une formation bac +5 en informatique et / ou cybersécurité, et disposez d'une expérience significative de 10 années en tant que RSSI, expert sécurité et/ou conformité, auditeurs ou postes similaires. Une expérience en tant qu'architecte ou tech lead d'une solution de sécurité sera très apprécié.
Vous connaissez les techniques et scénarios d'attaques autour de l'usurpation d'identité et connaissez les enjeux liés à la fraude biométrique et documentaire.
Vous maitrisez les techniques d'audits et savez piloter avec rigueur les planning et parties prenantes de ces audits.
Vous Disposez Des Compétences Ci-dessous
Maitrise des référentiels normatifs et réglementaires (2700x, NIS 2, DORA, RGPD, eIDAS)
Méthodes d'analyse de risques : ISO 27005, EBIOS RM, etc.
Réglementation de la sécurité des S.I. : Informatique et Liberté, identité numérique (eIDAS), archivage à valeur probante
Scénarios de fraudes et de menaces informatiques
Scénarios de défense informatique (prévention, détection, réaction)
Connaissance des principes et règles de sécurité des S.I. (Développement sécurisé, test de sécurité, exploitation sécurité, architecture, réseaux, méthodes d'audit, etc...)
About the Company
DOCAPOSTE, filiale du Groupe La Poste, accompagne les entreprises dans leur transformation numérique et mobile. Elle propose des solutions sur mesure ou clés en main, allant du conseil à la gestion déléguée de processus, en passant par l'échange de données sécurisées, l'archivage électronique, la numérisation, la délivrance et la gestion d'identités numériques. Know more
Related Jobs


- Company Name
- Amaris Consulting
- Job Title
- Network Engineer
- Job Description
- Take your career to the next level with Amaris Consulting as a Network Operations Center Specialist. Become part of an international team, thrive in a global group with €800M turnover and 1,000+ clients worldwide, and an agile environment by planning the kickoff and follow up on projects. The ideal candidate has extensive experience with LAN and Wi-Fi network technologies, experience with CISCO, proficiency in English, and is based in or willing to relocate to Paris. Join Amaris Consulting, where you can develop your potential and make a difference within the company. WHAT WOULD YOU NEED? Proficiency in LAN and Wi-Fi technologies. Extensive experience with CISCO. Good understanding of SD-WAN principles and implementation. Excellent problem-solving and communication skills. Proficiency in English. AND IF IN ADDITION... Relevant certifications such as CCNA, CCNP, or CCIE. Proficiency in Firewall technology and familiarity with the concept of VPN. Knowledge of Palo Alto. WHAT WILL YOU BE DOING? Monitor, configure, and administer LAN and Wi-Fi network infrastructures. Monitor, configure, and administer Internet connectivity network infrastructure (Public Peering, IP Transit, IXPs). Monitor, configure, and administer Cloud Access. Monitor and administrate WAN Network (SDWAN). Configure DHCP infrastructure (Infoblox). Collaborate with cross-functional teams to ensure network reliability and performance. Update technical documentation to be distributed and shared with internal and external teams in a cloud shared space. Work closely with a local on-site support team & Service Desk supporting network service lines regionally and globally. Experience working with international teams and following global standards (SNOW ticketing tool, ITIL). WHY US?? Join our dynamic team of talented people and discover a world full of growth and opportunity. Here's what we offer: Rapid growth through a personalised career path and salary assessment. 70% of our senior leaders started in entry-level positions. Improve your skills through our Technology Academy catalogue, Udemy platform, language classes, webinars and workshops. Take control of your training with a personal annual budget and company-paid certifications. Enjoy flexible policies, remote work options and excellent social benefits such as transport and restaurant tickets, childcare support and private health insurance. Benefit from our WeCare programme, which supports employees in critical situations. Unlock your full potential, both professionally and personally. Amaris Consulting prides itself on being an equal opportunity employer. We are committed to promoting diversity within the workforce and creating an inclusive work environment. To this end, we welcome applications from all qualified candidates, regardless of gender, sexual orientation, race, ethnicity, creed, age, marital status, disability or other characteristics.


- Company Name
- Datadog
- Job Title
- Senior Security Engineer - Vulnerability Management
- Job Description
- Datadog is seeking an outstanding Senior Security Engineer to support the Vulnerability Management program in our growing multi-provider ecosystem. You will identify and drive remediation for vulnerabilities discovered across Datadog’s multi-cloud products and services, building on platforms to automate the processes in order to triage and prioritize security deviations to closure and provide insight to the state of security of Datadog. You will collaborate with various security, engineering, and compliance teams to understand technical constraints, identify solutions that reduce risk, and automate reporting for multiple compliance frameworks. At Datadog, we place value in our office culture - the relationships that it builds, the creativity it brings to the table, and the collaboration of being together. We operate as a hybrid workplace to ensure our employees can create a work-life harmony that best fits them. What You’ll Do: Work across multiple technologies and major cloud platforms to perform vulnerability impact assessment, root causes analysis, and to identify strategic opportunities for security posture improvement Develop, deploy, and maintain services that detect vulnerabilities and drive remediation Use custom and third party tools, as well as the Datadog platform, to detect, report, and remediate vulnerabilities Partner with internal and external customers to analyze security reports, identify false positives, and plan fixes required Provide evidence and subject matter expertise for vulnerability management processes and controls for multiple compliance frameworks (SOC2, HIPAA, PCI, FedRAMP, ISO) Independently analyze the Datadog environment to proactively identify critical exposure Who You Are: You have security experience managing the identification and remediation of vulnerabilities within large software systems You are experienced in one or more programming language (Golang, Python, Java etc) You are experienced with usage of orchestration platforms and container runtimes, infrastructure as code and cloud-native or multi-cloud environment (we use AWS, GCP and Azure) You have experience in driving efficiencies through automation, orchestration and partnerships with external teams You have good knowledge of integrating, analyzing, and communicating relevant metrics for very large data sets You are able to work independently and collaboratively, and communicate effectively in a fast-paced, high growth, distributed organization You have a BS/MS/PhD in a Computer Science, Engineering or related scientific field or equivalent experience Datadog values people from all walks of life. We know not everyone will meet all the above qualifications on day one. That’s okay. If you’re passionate about technology and want to grow your experience, we encourage you to apply. Benefits and Growth: New hire stock equity (RSUs) and employee stock purchase plan (ESPP) Continuous professional development, product training, and career pathing Intradepartmental mentor and buddy program for in-house networking An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups) Access to Inclusion Talks, our internal panel discussions Free, global mental health benefits for employees and dependents age 6+ Competitive global benefits Benefits and Growth listed above may vary based on the country of your employment and the nature of your employment with Datadog. About Datadog: Datadog (NASDAQ: DDOG) is a global SaaS business, delivering a rare combination of growth and profitability. We are on a mission to break down silos and solve complexity in the cloud age by enabling digital transformation, cloud migration, and infrastructure monitoring of our customers’ entire technology stacks. Built by engineers, for engineers, Datadog is used by organizations of all sizes across a wide range of industries. Together, we champion professional development, diversity of thought, innovation, and work excellence to empower continuous growth. Join the pack and become part of a collaborative, pragmatic, and thoughtful people-first community where we solve tough problems, take smart risks, and celebrate one another. Learn more about #DatadogLife on Instagram, LinkedIn, and Datadog Learning Center. Equal Opportunity at Datadog: Datadog is an Affirmative Action and Equal Opportunity Employer and is proud to offer equal employment opportunity to everyone regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, veteran status, and more. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. Here are our Candidate Legal Notices for your reference. Your Privacy: Any information you submit to Datadog as part of your application will be processed in accordance with Datadog’s Applicant and Candidate Privacy Notice.


- Company Name
- Micropole
- Job Title
- GO CLOUD & SECURITY - Chef de projet Sécurité Confirmé (F/H)
- Job Description
- Rejoignez Go Cloud & Security et devenez un #InnovativePeople ! Mission Au sein d’une structure dynamique et innovante, vous opérez les activités de Cybersécurité suivantes pour nos clients. Au Quotidien, Vous Aurez Les Responsabilités Suivantes Suivre les plans d’action, budgets, ressources et contributeurs liés aux différents projets Organiser la Gouvernance, préparer et animer les différentes instances de suivi internes et préparer les comités de pilotage Sécuriser la production, gérer un programme Maintenir à jour le référentiel documentaire autour de la sécurité et des risques Organiser / préparer les comités de suivi IT risques et Cybersécurité Suivre, Collecter les indicateurs de progression, performances risques et consolider les tableaux de bord Profil Votre Talent Comme Valeur Ajoutée PMO / Chef de projet Bonnes connaissances du SI Connaissances Standard NIST Expérience Sécurité et gestion des risques Capacité à travailler en environnement international Certification PMP, Prince 2 Vous disposez de capacités de rédaction Anglais professionnel courant Valeurs Partagées Vous serez immergé dans un environnement innovant, technophile, convivial et aurez la liberté d’exprimer tout votre talent, Esprit d’initiative, d’équipe et bienveillance, Innovation permanente, Veille technologique, Ouverture d’esprit, Forte sensibilité à la sécurité Infos pratiques A 200m, le métro Anatole France (Ligne 3) et un accès à l'ensemble des commerce du centre ville de Levallois-Perret à moins de 2 min à pied. Mot du Manager Au-delà de l’expertise technique et innovation permanente, chaque collaborateur développe des valeurs de partage, le sens du service et de la convivialité au travers d’une équipe dynamique et bienveillante. Nous offrons un environnement propice à une montée en compétence technique via la formation, les certifications, le coaching, les labs et les évènements organisés par nos partenaires technologiques. Nous accordons une grande importance à offrir un environnement équilibré entre vie professionnelle et personnelle mais aussi nous favorisons le développement d’initiatives et de projets innovants selon les idées et centres d’intérêt de chacun. Christophe LEVIER Directeur Go Cloud & Security chez Micropole


- Company Name
- Voyage Privé
- Job Title
- Chief Information Security Officer (CISO) H/F
- Job Description
- Born in France in 2006, Voyage Privé has grown from an ambitious startup into becoming the Europe's leading travel tech platform. Operating across 9 markets with tens of millions of users, we're not just another e-commerce success story - we're a tech powerhouse revolutionizing online travel. As a mission-driven company, we're unique in combining cutting-edge technology with social impact. Our innovative campus brings together tech talent, professional athletes, students, and artists, creating an ecosystem where digital innovation drives both business growth and positive change. We're now at an inflection point, upgrading our entire technical foundation with cloud architecture, AI, and real-time systems to become a reference and top-of-mind platform for luxury travel, known by travelers for its for excellent offer and customer experience, and by our providers as a high-performance business development partner. Why Join Us? Work at the intersection of cutting-edge technology and a mission-driven company, transforming how millions experience travel. Be part of an entrepreneurial team of innovators that isn't just building technology: we value innovation, ownership, and collaboration, with an emphasis on empowering engineers to make a difference. Shape a fast-growing tech company as we embark on an ambitious plan to scale tenfold in the next decade. Fast-paced, innovative environment with a real impact on high-end travel experiences. A chance to lead security efforts at a strategic and operational level. Direct visibility with the CDO and ExCom, shaping the future of security in a dynamic industry. A collaborative, tech-driven culture that values security as a business enabler. Enjoy a workplace that invests in personal and professional development, offering learning programs, mentorship opportunities, and career growth pathways. Job Description We are a large, renowned, fast-growing e-commerce company specializing in high-end online travel experiences. Security is a strategic priority to maintain the trust our customers have placed in us. Our goal is to protect our assets, manage risk, ensure compliance with regulatory requirements (e.g., PCI-DSS v4, GDPR), and build customer trust, all while supporting innovation in our technology and operations, and a profound transformation of our systems to enable and power our ambitious growth objectives. We are looking for a Chief Information Security Officer (CISO) who will define and execute a global security strategy, lead risk management efforts, and foster a strong security culture across the company. This role will be pivotal in securing our evolving infrastructure, enhancing governance, and demonstrating business impact through security initiatives. Key Responsibilities 1. Define, Drive, and Execute the Security Strategy & Roadmap Develop and maintain a comprehensive security strategy that covers technical, organizational, and physical security aspects. Build and execute a structured security roadmap aligned with the company’s business and technical transformation. Identify, assess, and prioritize information security risks (technical, organizational, human) and define appropriate mitigation plans. Ensure compliance with industry regulations and standards (PCI-DSS v4, GDPR, and other relevant frameworks) in collaboration with legal and business teams. Regularly report security progress, risks, and achievements to the Chief Digital Officer (CDO) and the Executive Committee (ExCom) through Quarterly Business Reviews (QBRs). 2. Proactive Risk Management, Automation & Business Impact Implement risk-based security measures and establish a continuous improvement approach for security operations. Develop automated security dashboards to provide real-time visibility on security posture, including risks, incidents, and security initiatives. Demonstrate tangible business impact of security actions (e.g., revenue protection, reduced fraud, SLA adherence, strengthened partner trust). Establish Key Performance Indicators (KPIs) to measure security effectiveness and ensure alignment with business objectives. 3. Technical, Physical, and Network Security Oversee physical security measures (e.g., access controls, video surveillance, alarms) in coordination with infrastructure and facilities teams. Ensure the security of networks, cloud infrastructure, and hybrid environments (on-premises + cloud). Secure our API-driven, microservices-based architecture, working closely with DevOps and cloud teams. Drive Security by Design and Zero Trust principles in all technology initiatives. 4. Leadership, Team Management & Cross-Team Collaboration Collaborate with product, data, engineering, infrastructure and legal teams to integrate security across all business functions. Work alongside the Office IT Manager for security-related actions within Microsoft environments (Active Directory, Office 365, MFA, etc.). Foster executive buy-in and ensure that security is seen as a business enabler, not a blocker. 5. Security Awareness & Culture Development Promote a strong security culture throughout the company, ensuring all employees understand their role in cybersecurity. Implement company-wide security awareness programs, including phishing simulations and best practices training. Act as a trusted advisor on security matters, maintaining a pragmatic and educational approach. 6. Data Protection, GDPR & Third-Party Risk Management Ensure compliance with GDPR and data privacy regulations, working closely with legal teams. Oversee data protection, anonymization, and secure storage practices. Manage third-party risk by ensuring vendors and partners meet security standards before integration. 7. Incident Management & Continuous Improvement Establish a structured incident management process, covering detection, response, mitigation, and post-incident reviews. Lead internal and external security audits, including penetration tests, organizational security reviews, and compliance assessments. Stay ahead of emerging cybersecurity threats and adapt security strategies accordingly. 8. Budget & Security Investments Define and manage the security budget, ensuring cost-effective investments in security tools and technologies. Justify security spending by demonstrating ROI and risk reduction benefits. Qualifications Technical Skills: Proficiency in IT security tools and concepts: Access management (IAM, SSO, MFA). Infrastructure security (firewalls, VPNs, network monitoring, Wi-Fi security). Application security (OWASP Top 10, API Gateway). Strong knowledge of standards and certifications: PCI-DSS, ISO 27001, GDPR (in collaboration with the legal team). Experience in hybrid environments (on-premise + cloud) and transformation projects. Advanced skills in dashboard creation and automated reporting, with a focus on demonstrating business impact (tools like Power BI, Tableau, or security-specific solutions). Soft Skills: Leadership...