GRC & AI Governance Specialist (F/H)

Location

Paris (1 day remote per week)

You will be part of Mirakl's Security team within the GRC pillar, ensuring compliance with security standards and shaping the future of compliance in an AI‑driven world.

Your Impact

• Compliance & certifications - automated
  • Contribute to driving and maintaining Mirakl's ISO 27001, ISO 27018, and SOC 2 certifications, leveraging automated GRC platforms to enable continuous compliance monitoring and reduce manual effort.
  • Help manage and evolve the ISMS (Information Security Management System), ensuring it reflects both regulatory requirements and Mirakl's evolving AI‑driven operations.
  • Automate evidence collection, control monitoring, and documentation workflows using modern GRC tooling and AI‑powered agents.
• AI Governance - to build with the team
  • Co‑design and evolve Mirakl's AI usage governance framework: acceptable use policies, data classification for AI inputs, shadow AI detection, and AI vendor risk assessment.
  • Maintain a live inventory of AI tools used across the company and contribute to the risk‑based process for evaluating and onboarding new tools.
  • Participate in internal awareness and training initiatives on responsible AI use across all departments.
  • Monitor the AI governance regulatory landscape and help adapt Mirakl's framework proactively.
• Security by design across all company projects
  • Partner with Product and Engineering teams early in project lifecycles to embed security and compliance requirements from the start.
  • Participate in risk reviews across all types of product and platform initiatives, with specific attention to AI‑related threat vectors where applicable (prompt injection, data leakage in LLMs, access control for models).

What You’ll Bring to the Role

Experience

• Master's degree (Bac +5)
• Minimum 3 years of experience in GRC security
• Experience in a consulting firm, technology company, or equivalent role is a plus
• Strong understanding of compliance frameworks and security standards
• Scripting/developing experience

Skills

• Proactive and autonomous with strong organizational and problem‑solving abilities
• Excellent communication and pedagogy skills to influence technical and non‑technical stakeholders
• Integrity and ethics as core values
• Ability to work collaboratively in extended teams
• Experience with web application and cloud (SaaS) security, as well as professional certifications (CISM, CISSP, ISO), are a plus.

Tools Used

• Drata
• AWS, GCP
• N8N
• Python
• Office Suite / Google Workspace

Languages

• Fluent in French and conversational English

Legal Notice

We may use Artificial Intelligence (AI) solutions to help streamline our hiring process, including screening applications, analyzing resumes, and assessing responses. While AI helps us work efficiently, all final hiring decisions are made by humans. For more information, visit our AI Guidelines for Candidates and Interviews.