What You’ll Do:
- Joining the Trust & Compliance team means stepping into the engine room of security strategy at a fast‑moving tech company.
- A front‑row seat to how security drives innovation in a data and AI‑driven company.
- A strong cross‑functional culture: you’ll work with security engineers, architects, product managers, legal, compliance, and ops.
- A real project ownership opportunity—not just tracking tasks, but designing how compliance happens at scale.
- The freedom to propose, improve, and automate—we value people who bring structure and clarity, then move fast to deliver.
Senior Security & Compliance Project Manager – Overview:
As a Senior Security & Compliance Project Manager, you will drive key security and compliance initiatives across Criteo. Your role is transversal and strategic: identifying and qualifying risks, defining priorities, aligning stakeholders, and ensuring consistent execution—from vision to delivery.
You might also own topics such as writing standards/policies, risk management, third‑party risk management, ISO27001, SOC2, SOX, and other team initiatives.
Key Responsibilities:
- Lead strategic security GRC programs.
- Manage risks.
- Define and structure security compliance projects (ISO27001, SOC2, NIST, internal control plans).
- Turn strategy into actionable roadmaps and clear milestones.
- Lead end‑to‑end project delivery across multiple teams (Security, Engineering, Infrastructure, Physical Sites, Legal, etc.).
- Facilitate and energize collaborative workshops and steering committees.
- Be a trusted partner for technical teams.
- Bridge the gap between compliance and engineering—technical knowledge and security expertise are key.
- Coordinate audit activities, from preparation to closure (internal and external).
- Review technical designs to ensure alignment with security best practices.
Drive the Security Audit Lifecycle:
- Plan and lead major security audits and assessments (SOC2, ISO27001, NIST).
- Drive evidence collection in collaboration with all involved stakeholders.
- Orchestrate and follow up on the remediation of findings.
- Contribute to the team’s transversal missions.
- Participate in SOX legal audit, third‑party risk management, client security questionnaires, and due diligence.
- Support the creation of clear, structured, and actionable security documentation (policies, standards).
- Write security GRC documentation (information security policies and technical security standards), drawing on technical knowledge.
Who You Are:
Educational Background:
- Master’s degree in Information Security, Computer Science, or a related field.
- Additional certifications in security governance or compliance frameworks (e.g., ISO27001 Lead Auditor/Implementer, CISA, CISSP, or similar) are highly valued.
- Continuous professional development in areas such as risk management, audit methodologies, and regulatory compliance.
Skills and Experience:
- Experience in security GRC, compliance, or risk management.
- Comfortable working with engineering teams and passionate about it; you understand authentication, encryption, access control, and threat modeling, and can communicate with engineers.
- Ability to structure and lead complex, multi‑team projects in a fast‑paced, agile environment.
Soft Skills:
- Autonomous, resourceful, and driven by impact; comfortable handling ambiguity.
- Strong communicator: simplifies complexity, aligns stakeholders, keeps momentum.
- Solution‑oriented, action‑driven mindset—identifying and sharing solutions, implementing the best one, documenting to prevent recurrence, and automating where possible.
- Fluent English; French is a plus but not mandatory.
We acknowledge that many candidates may not meet every single role requirement listed above. If your experience looks a little different from our requirements but you believe you can still bring value to the role, we’d love to see your application!
Who We Are:
Criteo is a leader in commerce media, helping brands, agencies, and publishers create meaningful consumer connections through AI‑powered advertising solutions. We’re shaping a more open and sustainable digital future for advertising.
We foster a workplace where everyone is valued, and employment decisions are based solely on skills, qualifications, and business needs—never on non‑job‑related factors or legally protected characteristics.
What We Offer:
- 🏢 Ways of working – Our hybrid model blends home with in‑office experiences, making space for both.
- 📈 Grow with us – Learning, mentorship & career development programs.
- 💪 Your wellbeing matters – Health benefits, wellness perks & mental health support.
- 🤝 A team that cares – Diverse, inclusive, and globally connected.
- 💸 Fair pay & perks – Attractive salary, with performance‑based rewards and family‑friendly policies, plus equity potential depending on role and level.
- Additional benefits may vary depending on the country where you work and the nature of your employment with Criteo.