Chief Information Security Officer

Filigran SAS

Job Overview

Location

France

Job Type

Full-time

Full Job Description

📋 Description

• As the first internal security leader at Filigran SAS, you will design, build, and run the foundations of the company's information security programme from the ground up, establishing the Filigran-CERT (F-CERT) and serving as the operational and regulatory gatekeeper for AI, privacy, and security compliance, directly reporting to the CEO and collaborating with C-suite, engineering, product, legal, and external regulators to embed cybersecurity and data protection across all business operations.
• You will design and implement Filigran's first CSIRT and Security Operations (SecOps) framework, define incident detection, response, containment, and recovery processes, manage hybrid Level 1 monitoring with external Managed SOC providers, act as primary incident commander for security events and data breaches, build and maintain incident playbooks and escalation paths, drive post-incident reviews, and ensure timely breach notifications to supervisory authorities in coordination with the General Counsel.
• You will leverage Filigran's own open-source products (OpenCTI, OpenBAS/OpenAEV) to conduct advanced threat intelligence analysis and breach & attack simulations, continuously evaluate threats relevant to the company and its ecosystem, provide actionable intelligence to leadership and engineering teams, establish and maintain an ISMS aligned with ISO 27001, SOC 2, or equivalent standards, lead security certification efforts, manage external audits, own vendor security assessments and third-party risk management, and hold the formal Data Protection Officer mandate under GDPR as the official point of contact for supervisory authorities (e.g., CNIL), ensuring AI initiatives and data processing meet regulatory requirements.
• You will act as a player-coach, balancing hands-on security work with preparing for team growth by defining future SecOps roles, mentoring and onboarding new hires as the team scales, collaborating closely with the General Counsel to translate legal and policy obligations into operational controls, monitoring evolving regulations (GDPR, AI Act, ePrivacy, NIS2), assessing operational impact, and handling or coordinating responses to data subject requests (DSARs) and regulatory enquiries.
• You will join a fast-growing, global, fully remote company building open-source cybersecurity solutions powered by AI, trusted by over 6,000 public and private organizations worldwide, where you will help unite defenders into a global community to make security more open, resilient, and collaborative, guided by core values of Cohesion, Openness, Responsibility, and Equity, and contribute to a culture where diversity strengthens both products and team.

🎯 Requirements

• Proven experience in an information security leadership role (CISO, Head of Security, CSIRT Manager, or equivalent)
• Formal DPO qualification or equivalent experience with solid working knowledge of GDPR and EU data protection law, including AI Act implications
• Strong background in incident response, forensics, and security monitoring, with experience working with managed SOC services in hybrid models
• Knowledge of threat intelligence practices and frameworks (MITRE ATT&CK, STIX/TAXII), with bonus if you've used OpenCTI, and familiarity with red teaming, breach & attack simulation (BAS), or security testing
• Comfortable operating at the intersection of technical security and regulatory compliance without owning the legal function, with excellent communication skills for regulators, customers, technical teams, and executives, and fluency in English (French is a strong plus)

🏖️ Benefits

• Competitive pay + equity - everyone shares in our success
• Remote-first, flexible, and balanced work environment - work that fits your life
• Your setup, your choice - pick the gear that works for you
• Twice-a-year gatherings - we meet in person for regional and global offsites to connect, collaborate, and strengthen our culture beyond the screen

Skills & Technologies

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Filigran SAS

Visit Website

About Filigran SAS

Filigran SAS is a French cybersecurity company that develops open-source threat-intelligence and crisis-management platforms. Its flagship products, OpenCTI and OpenEx, help public and private organizations collect, analyze and share threat data, orchestrate responses and conduct crisis simulations. Founded in 2022 and headquartered in Paris, Filigran provides software, support and consulting services to improve cyber resilience.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.