Job details

Security Compliance & Awareness Engineer (f/m)

We're making the world of digital assets accessible and secure for everyone. Join the mission.

Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 15% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 600 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 5 millions units already sold in 180 countries.

At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust, and Transparency. Have a look at our Origins video here.

Ledger is seeking a Security Compliance & Awareness Engineer to lead the creation, implementation, and management of internal security awareness and knowledge programs. This role is critical for fostering a strong security culture across the organization by developing training materials, managing security awareness campaigns, and maintaining comprehensive documentation.

You will leverage tools such as a Learning Management System (LMS) and awareness platforms (e.g., Riot) to educate and engage employees. Additionally, you will ensure that security-related documentation is well-organized, accessible, and aligned with compliance and organizational needs.

This position requires exceptional communication skills and the ability to collaborate with various teams, including Legal and Engineering.

The mission

Security Awareness Program Management :

Design, deliver, and maintain an engaging internal security awareness program using tools like Riot and an LMS.

Develop and manage phishing simulation campaigns to test and improve employee resilience against social engineering attacks.

Create tailored training modules to address specific security challenges and compliance requirements.

Knowledge Management & Documentation :

Own the organization and upkeep of security documentation, ensuring clarity and accessibility for employees.

Develop and maintain comprehensive security guides, FAQs, and reference materials to support awareness initiatives.

Work closely with cross-functional teams to align documentation with compliance and operational needs.

Collaboration with Stakeholders :

Partner with Legal, Engineering, and Product teams to integrate compliance and security requirements into training materials.

Act as a liaison between the Security Operations team and employees to address security-related queries and concerns.

Compliance Support :

Ensure training and awareness initiatives align with regulatory and organizational compliance standards (e.g., GDPR, SOC 2).

Track and report on employee participation in security training to demonstrate compliance and identify gaps.

Continuous Improvement :

Evaluate the effectiveness of training and awareness campaigns, using feedback and metrics to enhance future programs.

Stay updated on industry trends and emerging threats to adapt and refine security awareness content.

What we're looking for

3+ years of experience in security awareness, training, or compliance roles.
Familiarity with using LMS platforms and awareness tools like Riot or similar.
Experience managing phishing simulations and measuring their impact.
Strong understanding of cybersecurity fundamentals and common threats (e.g., phishing, social engineering).
Ability to organize and manage large sets of documentation, ensuring clarity and relevance.
Familiarity with compliance frameworks (e.g., GDPR, SOC 2) and their training requirements.
Exceptional written and verbal communication skills, with the ability to distill complex security concepts into accessible language.
Strong organizational skills and attention to detail for maintaining documentation and managing multiple initiatives.
Collaborative mindset to work effectively with diverse teams and stakeholders.

What's in it for you?

Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow. Flexibility: A hybrid work policy.
Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage. Well-being: Personal development, coaching & fitness with our dedicated partners.
Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
High tech: Access to high performance office equipment and gadgets, including Apple products.
Transport: Ledger reimburses part of your preferred means of transportation.
Discounts: Employee discount on all our products.

We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.

#LI-Hybrid #LI-RDH

Ledger Glassdoor Company Review

3.9

Ledger DE&I Review

4.2

CEO of Ledger

Pascal Gauthier

Approve of CEO

What You Should Know About Security Compliance & Awareness Engineer (f/m), Ledger

Are you passionate about cybersecurity and eager to make a tangible impact in a fast-paced environment? Ledger, the global platform for digital assets and Web3 based in Paris, is looking for a Security Compliance & Awareness Engineer to join our dynamic team. In this exciting role, you'll be at the forefront of fostering a robust security culture within the organization. You'll create and implement engaging security awareness programs, manage training materials, and lead initiatives that empower our employees to understand the importance of security compliance. Your work will involve leveraging a Learning Management System (LMS) and awareness tools like Riot to create interactive experiences that educate your colleagues about cybersecurity fundamentals and best practices. You will also play a vital role in organizing and maintaining security documentation, ensuring it is accessible and meets compliance standards such as GDPR and SOC 2. Collaboration is key in this position, as you will work closely with cross-functional teams including Legal and Engineering to align on security requirements. We’re looking for someone who thrives on continuous improvement, as you'll evaluate the effectiveness of training campaigns and adapt based on feedback and metrics. If you're ready to commit to a mission that blends pragmatism with audacity, this could be the perfect opportunity for you!

Frequently Asked Questions (FAQs) for Security Compliance & Awareness Engineer (f/m) Role at Ledger

What are the main responsibilities of a Security Compliance & Awareness Engineer at Ledger?

As a Security Compliance & Awareness Engineer at Ledger, your primary responsibilities include designing and delivering engaging internal security awareness programs, managing phishing simulation campaigns, and overseeing the organization and accessibility of security documentation. With a strong focus on collaboration, you'll partner with various teams to address security-related queries and ensure compliance with regulatory standards.