IT Risk & Trust Specialist

Dataiku is seeking an experienced IT Risk and Trust Specialist to join its Information Technology team, supporting both the French and global markets. This position will build functional and technical expertise by liaising with internal stakeholders, clients/ prospects, and third parties to support Dataiku’s IT Risk and Trust programs. 

As an IT Risk & Trust Specialist, you will be responsible for earning our customers’ trust in Dataiku’s information security program. When engaging with Dataiku’s prospective and existing customers, you will serve as a subject matter expert by addressing inquiries about our information security program. 

Additionally, you will support various teams in identifying, performing, and/or tracking operational IT control tasks to ensure Dataiku’s IT control environment operates effectively. 

Our ideal candidate should be comfortable communicating information security topics both internally within the organization and externally to customers and prospects. Our candidate should also have experience leading IT control remediation projects and applying tailored risk mitigation strategies to various organizations. 

Working within an international organization, we are seeking an individual interested in collaborating with a diverse and global team. This opportunity is open to remote work. 

About Dataiku’s Information Security Program 

Dataiku’s Information Security program is implemented based on industry best practices, trends, and regulations. The program is supported by senior leadership across the Information Technology, Engineering, and Legal & Compliance teams, who possess deep industry knowledge and a thorough understanding of Dataiku’s culture and product. Our goal is to provide a product that our customers can trust. Dataiku is an ISO 27001 and ISO 27701 certified organization and has completed its SOC2 Type II assessment. 

What you’ll do…

• Respond to clients’ and prospects’ questions related to security compliance.

• Lead IT controls operational tasks, such as performing risk assessments, tracking remediation plans, reviewing third-party risks, and coordinating incident response and business continuity planning. 

• Assist in the coordination of various technology audits 

• Develop and manage Information Security program documentation and assets, e.g., tools, Intranet, and employee training materials. 

• Coordinate the creation and review of global policies, procedures, and standards.

• Assist in leading security efforts in pursuing and maintaining Dataiku’s security and privacy certifications.

Who you are…

• A detail-oriented individual who has at least business-fluency verbal and written communication skills in French and English. 

• Strong problem-solving, collaboration, communication, and presentation skills.

• Ability to effectively multitask, prioritize, and adapt in a fast-paced, dynamic business environment.

• Experience in project management of enterprise technology strategic projects/ action plans. 

• Experience with project management tooling.

• Experience conducting business or technology risk assessments and risk remediations.

Bonus points for any of these..

• Familiarity with the Dataiku product and services, Cloud Computing and/or SaaS concepts.

• Familiarity with IT controls of SaaS technologies, HRM/HRIS systems (e.g., Workday), Customer Data and Analytics platforms, and/or Salesforce (SFDC).

• Experience in working with ISO, SOC, SOX, HIPAA, or PCI-DSS frameworks 

• Experience working in a startup environment and/or a client-facing role

• Industry certifications in Security and/or Privacy, e.g., CISA, CISM, CISSP, CIPP/Europe, US, Canada, and/or Asia, CIPT.