Security Compliance, Lead

About Mistral  At Mistral AI, we believe in the power of AI to simplify tasks, save time, and enhance learning and creativity. Our technology is designed to integrate seamlessly into daily working life. We democratize AI through high-performance, optimized, open-source and cutting-edge models, products and solutions. Our comprehensive AI platform is designed to meet enterprise needs, whether on-premises or in cloud environments. Our offerings include le Chat, the AI assistant for life and work. We are a dynamic, collaborative team passionate about AI and its potential to transform society. Our diverse workforce thrives in competitive environments and is committed to driving innovation. Our teams are distributed between France, USA, UK, Germany and Singapore. We are creative, low-ego and team-spirited. Join us to be part of a pioneering company shaping the future of AI. Together, we can make a meaningful impact. See more about our culture on https://mistral.ai/careers. Role summary As Cybersecurity Compliance Lead, you will manage the cybersecurity compliance program and guide the company toward obtaining the certifications necessary for the development of its business. What you will do Develop and manage comprehensive cybersecurity compliance program Define and maintain the Information Security Management System Manage the global planning for cybersecurity compliance, for internal reviews and external audits Deliver cybersecurity training and inform each stakeholder of how they should contribute to compliance projects For each certification or regulatory framework, coordinate all parties who must provide evidence to demonstrate proper compliance and prepare for audits- Participate to risk assessment Work with sales and marketing to identify new certifications that may be useful for acquiring new customers and prioritize them depending on the cost of certification/potential new income About you 5+ years of managing cybersecurity compliance program Strong understanding of cybersecurity guidelines and standards (ISO27001, SOC2, HDS, SecNumCloud, C5) Understanding of cybersecurity regulation (NIS2, CRA, LPM, DORA) Understanding or regulation related to sensitive (II901) or classified information (IGI1300) Excellent communication, analytical, and problem-solving skills