Join the API Revolution at Gravitee—Where Innovation Meets Growth

Since our beginnings in 2015, Gravitee has grown into a global force, recognized as a 2024 Gartner Magic Quadrant™ Leader for API Management. What started with four developers challenging the complexities of APIs has evolved into a revolutionary platform powering API and event stream ecosystems worldwide. We’re driving digital transformation for top enterprises, from Michelin to Roche to Blue Yonder and beyond, offering unmatched control over APIs and event streams.

Our rapid growth and leadership in API management are fueled by our team’s commitment to excellence and our core values:

• Passion: We bring excitement to everything we do, constantly innovating to stay ahead of the curve.
• Do What it Takes: We go above and beyond to help customers and teammates succeed, holding ourselves to the highest standards.
• Professionalism: We believe in clear, respectful communication and prioritize the needs of our team and customers.

Join us on this journey. Be part of a team that’s redefining what’s possible in API management, and shaping the future of digital transformation. The possibilities are endless—be a part of the revolution!

THE ROLE & WHY IT EXISTS

We are currently recruiting for a Senior Manager Information Security to join our growing business. In this newly created role, you will support and become a SME in Information Security, Compliance and Data Privacy while reporting to the Chief Technology Officer. You’ll be handling our information security information management system (ISPIMS- ISO 27001/27701) making sure that everyone and everything is compliant with our policies and SOP’s. This will also include our privacy information management and learning how to use and maintain compliance with some of the best standards out there.


WHAT YOU WILL BE DOING
Your daily to-do list will feature some or all of the following, but is not limited to:

The primary responsibility of the Senior Manager Information Security is to be part of the ISO 27001/27701 assurance and continuous improvement process and support the Head of Information Security in any related tasks.
In addition, the Information Security Manager is expected to learn and develop skills to become an SME in all security and data privacy-related points of the Gravitee orb of products and services to better support our team and clients.

• Take ownership of the allocated processes and procedures in our ISO 27001/27701
  
• Review processes and procedures to make sure that they are continuously improved and fit for purpose
  
• Be the first point of escalation within the InfoSec and Data Privacy team
  
• Respond to incidents and support on the triage, resolution and forensics
  
• Review access and controls in place on a regular and scheduled basis
  
• Be willing to learn and adapt to new situations and evolve your knowledge
  
• Provide the Gravitee Global Information Security Awareness Training sessions and other training sessions as needed.

ESSENTIAL SKILLS - The right candidate will possess at least the following skills:

• Good knowledge of GDPR or any other Data Privacy regulations and laws
• Must have a working knowledge of
  • ISO 27001
  • ISO 27701
  • ISO 9001
• Must have a working knowledge of SOC II, Type 2 
  
• Understanding of API and Cloud/SaaS systems
  
• A customer-first attitude, internal or external customers
  
• Thirst for knowledge and learning
  
• Attention to detail
  
• An independent team player
  
• Advanced understanding of compliance, information security, data privacy or legal aspects of these
  
• Ability to adapt to a fast-paced environment
  

DESIRED SKILLS - Additionally, these skills are not required, but preferable:

• Exposure to NIST CSFCI, PCI-DSS or HIPAA is a big plus
  
• OWASP ASVS, TOP 10 knowledge is great to have
  
• You have completed a bachelor's or MSc in CyberSecurity, Information Security, or legal or have up to two years of experience in compliance, risk, cyber security, software development or computer science

WHO YOU ARE

• A bringer of energy — someone who is enthusiastic, friendly, and who will add to Gravitee’s vibrant company culture
• Someone with a sense of urgency and follow-through
• A person who excels working in a fast-paced, agile scale-up environment
• Naturally customer-focused with a customer-first mentality
• Respectful, courteous, harmonious, polite, and conscientious

AT GRAVITEE, YOU’LL GET…

• Excellent medical coverage to keep your body and mind healthy
• Pension and 401k program options for all locations
• Stock option plan for employees
• 25 days holiday/vacation in addition to in-country national holidays as well
• 3 mental health days per year with an allowance toward a mood-boosting activity of your choice
• Birthday off to celebrate your day
• Learn and grow with our professional development allowance to be used to benefit your career
• Quarterly outings and an annual off-site in an exciting location!
• Hybrid culture with options to go into an office in one of our hubs
• Ability to work for one of the fastest-growing companies and alongside some of the most talented people in the API technology sector
• A meaningful, progressive, global company culture that is as fun as it is hardworking
• Endless growth opportunities

At Gravitee, no employee or applicant will be treated less favourably on the grounds of their sex, marital status, race, colour, nationality or ethnic or national origin, disability, gender, sexual orientation, gender identity, age, pregnancy or maternity, marital or civil partner status, or religion or belief.