Lead Cybersecurity Engineer

Location: Paris · Full-time · Omi.so

<aside> 💡

Title : Lead Security Engineer Role : Full Time Location : Full remote (Paris, EU) Salary : Up to 80k Level: senior

</aside>

☀️ Why this role ?

Build the foundations of Omi : As an Engineer working full-time on our Frontend at Omi, you'll have outsized influence on the infrastructure and foundations of the services we develop.

Work on a unique technology : Omi exploits the potential of the most performant rendering engines to create the most powerful and effective 3D marketing technology of the last (or next) decade. Let's achieve this goal together.

Join us at a magical time: We've just raised capital and we're starting to work on our product-market fit while acceleration our tech development, which gives us a huge green field to work with. You'd join at the perfect time to shape what we build and how we grow.

🧠 What You’ll Own

You’ll be the architect and guardian of Omi’s security posture. From compliance to cloud, from workstations to DevSecOps pipelines, your impact will be wide and deep:

• Compliance: Lead our readiness and ongoing adherence to ISO27001 and SOC 2 Type II. Own policy design, risk management, evidence gathering, and audit processes.
• IT & Endpoint Security: Enforce secure configurations across employee workstations. Implement MDM, patch management, endpoint detection, and network controls.
• Identity & Access Management (IAM): Maintain access control policies and systems. Conduct regular access reviews, ensure least privilege, and manage identity lifecycle across all environments.
• Vulnerability Management: Run automated vulnerability scans, triage findings, and lead remediation efforts. Embed secure tooling into dev pipelines.
• DevSecOps: Integrate security into our development lifecycle. Partner with engineers to design secure-by-default systems without slowing velocity.
• Data Protection: Drive company-wide alignment with GDPR requirements. Build and maintain our data protection framework. Collaborate with legal and product to manage data subject rights, and privacy-by-design practices.