CISO / Head Of Security

Job Description

WHY ARE WE HIRING ?

At OpenClassrooms, we take security seriously — and we’ve built a solid foundation to prove it. We’re ISO 27001 certified, our security processes are structured, and our engineering teams are already engaged.

We're hiring a GRC-focused head of security / CISO to own our governance, risk, and compliance strategy — not only to write policies and move on, but to make sure they’re implemented, respected, and improved continuously.

You’ll work across the organization to embed security into real workflows, foster a culture of accountability, and ensure we remain resilient, compliant, and trustworthy.

This is a transversal leadership role: you’ll drive execution, influence decisions, and raise the bar for security company-wide.

RESPONSIBILITIES

In this role, you will:

  • In coordination with the VP Technology, build our security strategy and related roadmap, organization and governance.

  • Lead our ISO 27001 certification strategy and actions with a clear goal: renew our certification each year while addressing all the findings with the specific teams (Tech, IT, Product, Legal)

  • Own the risk assessment and associated mitigation plans

  • Drive a security-aware culture within the company

  • Formalize security dashboards and reporting to the C-team and Board

  • Manage security related topics and relationships with our third parties and customers

  • Own our security tools and services

  • Lead security incident and crisis management actions

  • Formalize business continuity and recovery plans and build our cyber resilience strategy in collaboration with Engineering teams

  • Coordinate with Learning teams to define and update specific training programs around security and cyber.

WHAT IS UNIQUE ABOUT THIS ROLE ?

  • Security isn’t an afterthought here — we're ISO 27001-certified, with structured, well-established practices already in place.

    You'll collaborate with teams who care about security and see you as a partner, not a blocker.

  • We operate in a remote-first environment, using modern tools and approaches: passwordless authentication, SSO by default, real-time access inventory, risk management by application — security is baked into how we work.

  • You’ll have real ownership and impact: this is a leadership role where you set the vision and make it happen — not just execute someone else’s plan.

THE TEAM

You’ll be part of the Product and Technology department, a dynamic unit of about 55 people combining Engineering, Product, and Technology Operations at OpenClassrooms.

You’ll report to the VP of Technology and work within an organization structured around small, agile squads focused on delivering high-impact tech products.

While there isn’t a formal security team, security is embedded as a shared responsibility. You’ll work closely with a broad range of stakeholders—engineering leads, product owners, legal, and compliance teams—all deeply involved in maintaining and improving our security posture.

This position offers a unique opportunity to shape and influence security across the organization from a strategic and operational perspective.

Preferred Experience

You’re a great fit if you bring:

  • Strong experience in security & operations, in both B2C and B2B environments

  • Hands-on GRC skills, especially around ISO 27001: audits, remediation, cross-team follow-up

  • Solid grasp of risk management in SaaS and cloud-native setups (AWS, remote infra, etc.)

  • Broad awareness of key security domains: IAM, data privacy, incident response, business continuity, security awareness, etc.

  • Result-driven: you don't stop at writing policies — you make sure they're adopted and followed

  • You think strategically but can dive into details when needed — you're comfortable switching between big-picture vision and tactical follow-through

  • Well-organized and structured — you plan ahead and deliver reliably, even in complex environments

  • Influential communicator: clear, structured, direct — you get buy-in across teams and levels

  • Leadership : you lead through context and collaboration, not control

  • Structured yet pragmatic: you know when to hold the line, when to adapt, and how to move forward

  • You understand that good UX and good security aren’t opposites — frictionless ≠ insecure

  • You're proactive, autonomous, and impact-driven — you make things happen

  • You are fluent in English and French, both written and verbal

At OpenClassrooms, we prioritize learning potential over a perfect alignment with every job criterion. We highly value qualities such as eagerness to learn, commitment, and the potential for growth. If you are motivated and confident in your ability to excel in the role, we enthusiastically encourage you to submit your application

Recruitment Process

  • HR Prequalification (30 mins) with a member of the HR team

  • Manager Interview (1 hour) with Nicolas Guérin, VP Engineering. 

  • Case Study + Case Study Review Interview (90min)  

  • Team/Stakeholder Interview (45 mins): Virtual interview with two members of our teams to evaluate your compatibility with our work environment and values.

  • Professional References: At the end of the process, we may request professional references if necessary.

Additional Information

  • Contract Type: Full-Time
  • Location: Paris
  • Possible full remote
  • Salary: between 75000€ and 80000€ / year
Apply Now

See Other OpenClassrooms Job Listings