Find a team member, company, Perspectives piece or Index Press resource
Back
Perspectives
    Companies
      Index Press
        Team
          Startup Jobs

            Cybersecurity Analyst GRC

            Spendesk
            • Location
            • Paris, France
            • Last Published
            • Jun. 23, 2026
            • Sector
            • Business Applications
            • Function
            • IT
            Security Engineer · Paris · Hybrid Cybersecurity Analyst GRC

            Spendesk is on a mission to transform how finance teams work by creating intuitive solutions that make spending decisions faster and smarter. We’re looking for a ICT Risk & Control Officer to join our Security team. In this role, you will help strengthen our internal control framework, support a strong risk culture across the business, and contribute to the robustness of our regulatory and operational risk management practices in a fast-moving fintech environment.

            About The Role

            As a ICT Risk & Control Officer at Spendesk, you will play a key role in the second-line control framework, helping ensure that risks are identified, assessed, monitored, and addressed effectively across the organisation.
            Reporting to the Head of Security, your scope of activity will focus on cyber controls related to security governance as well as the availability, confidentiality and integrity of Spendesk group information systems and data, particularly in the context of security certifications and regulatory obligations.
            You will work closely with the other Permanent Control Officers in the Risk & Compliance team to cover the scope of permanent control activities across the business. You will contribute to the execution of second-level controls, the monitoring of remediation plans, and the continuous improvement of the company’s control environment.
            This is a highly cross-functional role that requires strong analytical skills, sound judgement, and the ability to navigate a dynamic and regulated fintech environment.

            What You’ll Be Doing

            • Perform second-level controls in accordance with the control plan, ensuring their rigorous execution, clear documentation, and appropriate follow-up.

            • Coordinate and monitor action plans arising from control findings, incidents, or identified weaknesses, in collaboration with the relevant business teams.

            • Prepare clear and concise reports on control activities, findings, the progress of corrective actions, and key risk topics for internal stakeholders and participate in risk review committees.

            • Contribute to the design, review, and continuous improvement of the ongoing control plan's cybersecurity aspects, in conjunction with the Risk and Compliance department.

            • Participate in the management of Spendesk Group security certifications (ISO27001, SOC2, PCI-DSS…).

            • Support the promotion of a risk-based approach within the company by contributing to employee awareness and encouraging best practices in risk management and control.

            What We’re Looking For

            • At least 3 years of experience in a similar role in permanent control, internal control, risk management or audit.

            • Previous experience within a financial institution, regulated fintech, payment institution, or e-money institution is required.

            • Knowledge of security frameworks such as ISO27001, SOC2, PCI-DSS, DORA…

            • Good understanding of fintech business models and their regulatory environment.

            • Strong analytical and synthesis skills, with the ability to identify key issues, assess risks, and formulate practical recommendations.

            • Excellent writing and communication skills, with the ability to present findings clearly and interact effectively with a wide range of stakeholders.

            • Strong interpersonal skills, with the ability to build constructive relationships across teams and functions.

            • A rigorous, organised, and proactive mindset, with strong attention to detail and a collaborative approach.

            As we are an international team, please submit your application and CV in English.


            About Spendesk
            Spendesk is the AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work. Its single, intelligent solution makes efficient spending easy for employees and gives finance leaders the full visibility and control they need across all company spend, even in multi-entity structures. Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as Payfit, Accor, Welcome to the Jungle, Swile, Big Mamma, Malt and Yousign. With offices in the United Kingdom, France, Spain and Germany, Spendesk also puts community at the heart of its mission.

            For more information: www.spendesk.com/press

            About our people & culture
            We believe that people do their best work when they’re given the freedom to thrive and grow. That’s why liberation is at the core of everything we do. We empower Spendeskers to take ownership of their work, to navigate ambiguity, and seize every opportunity. Spendeskers come from all over the world (35+ countries and counting!) but we have plenty in common: we're bold, ever-curious, committed to kindness, and tackle every challenge with a positive mindset.

            About our benefits
            Our culture is built on trust, empowerment, and growth — with benefits to match!

            • Flexible on-site and remote policy

            • Latest Apple equipment — the tools you need to excel

            • Access to Moka.care — for emotional and mental health wellbeing

            • Great office snacks — to fuel your day

            • A positive team to work with daily!

            We also offer location-specific benefits tailored to each market, including health insurance, wellness allowances, commuter support, meal vouchers, and gym memberships — ensuring you're well supported wherever you're based.

            Diversity & Inclusion

            At Spendesk, we're committed to fostering an environment where all differences are encouraged, supported and celebrated. We're building our culture for everyone, with everyone. Our goal is to attract and build a diverse, equal and inclusive team, where everyone feels welcome and we truly embrace and encourage people from all backgrounds to apply.


            Département Security Engineer Locations Paris Remote status Hybrid About Spendesk

            Spendesk is Europe’s leading AI-powered spend management and procurement platform that transforms company spending. By simplifying procurement, payment cards, expense management, invoice processing, and accounting automation, Spendesk sets the new standard for spending at work for companies with up to 1,000 employees.

            Trusted by thousands of companies, Spendesk supports over 200,000 users across brands such as SoundCloud, Pigment, and Bloom & Wild. With offices in the United Kingdom, France, Spain, and Germany, Spendesk also puts community at the heart of its mission with CFO Connect. Spendesk believes that people do their best work when they’re given the freedom to thrive and grow. Being bold, bringing a positive attitude, and taking full ownership are fundamental to their culture.

            Ready to grow further? Check out their open roles!

            Founded in 2016 Security Engineer · Paris · Hybrid Cybersecurity Analyst GRC
            Apply for this position
            Recent Spendesk jobs
            Recent similar jobs