Join the C-Risk team


Ready to take charge of your own career? At C-Risk, you are an active player in the company's strategy and in your professional development. As part of the team, you will analyse risk and communicate ways to improve cyber resilience for our customers.

some informations about c-risk

Dynamic team

In Paris or remote

Junior or senior profile

Our vision: become the market reference in cyber quantification

In the fight against cybercrime, we intervene upstream in cyber risk management and governance. We rely on our expertise in risk quantification to provide our clients with a business vision and a financial assessment. We treat cyber risks just like a board of directors would treat any corporate risk. Through our support, company managers have become aware of the business impact that cyber risk can have. This helps them factor in business challenges in order to make better decisions regarding information security and data protection.

Our ambition is to become a leader and trusted advisor in cyber quantification by providing our clients with the solutions that best suit their needs.

To continue C-Risk's growth, we are developing new offers that capitalise on our technical skills to serve more companies in risk management and cybersecurity governance. We plan on recruiting several dozen people over the next three years.

Our history

C-Risk was founded by Christophe Foret and Tom Callaghan. They met when they were working at Dell, as they assisted large companies with their digital transition and the transfer of services to the cloud. Tom led this practice of about forty people from London.

October 2016

Tom and Christophe noticed that discussions about security and IT risks between business and IT experts were difficult. C-Risk was then created to address those communication issues.

September 2017

Creation of the Paris branch of the FAIR Institute to promote the FAIR™ standard and its methodology in Europe. Since then, we have been developing partnerships with quantification professionals.

Service Launch

April 2019: launch of quantification training with FAIR™ (it was later Datadock-certified in 2020 and then Qualiopi-certified in 2021). January 2020: launch of CRQ (Cyber Risk Quantification) offers and signing of the first European contracts, which marked the beginning of C-Risk's strong growth.


Our state of mind

At C-Risk, governance is participatory: when it comes to defining the company’s strategy, everyone contributes. Our organisation is not compartmentalised, each and every individual point of view is taken into account. This allows us to be dynamic and to grow by adapting our offer to our clients’ needs. By carrying out a wide range of assignments, our employees develop multiple skills. For example, you will develop your persuasion skills, your teaching skills, and your ability to summarise information by making presentations to our clients' general managers. You will continuously learn in order to keep up to date with cutting edge technologies.

Our culture is based on effort and results, which means that we value our employees’ potential and abilities. Everyone is encouraged to use and apply their skills.

Our goal is to lead our clients to success and to offer them long term support. To achieve this, we always keep in mind the added value that we deliver through our support. We seek innovation only if it appears to be relevant.

This search for relevance is what led us to the FAIR™ standard, as it is the answer to the communication difficulties between business and IT teams: it establishes a common language, it makes cyber risk issues understandable to non-technical people and it explains how to set priorities in the face of the multiple cybersecurity solutions available.

The C-Risk values

  • Value above all

    We believe that value is key, that it is what drives us. First, we aim to bring value to our clients by seeking the most relevant solutions and striving for excellence every step of the way. Value also needs to be brought internally as everyone in the company is evaluated on their contribution to the company and their colleagues.

  • Candour

    At C-Risk, authenticity is paramount. Everyone is welcome to express their ideas. One of our principles is that relevance has nothing to do with seniority, experience, or rank. As Christophe would put it, "quality does not wait a certain number of years". This is why our management style is collaborative and agile.

  • Commitment

    Our commitment is a consequence of our positioning and of our business vision. On the business side, we are committed to delivering the best service to our clients in order to secure their digital assets. Internally, we value mutual support and collaborative work. We are here for each other.

  • Open-mindedness

    We are driven by curiosity, creativity, and a desire to provide the best innovative solutions. We keep up with the latest developments in cybersecurity by keeping an open mind. Open-mindedness also shows in the way our company operates and in the fact that we have developed a multicultural environment.


Do you share C-Risk's culture and values?

Do you share this need to deliver significant value, this sense of commitment, this open-mindedness? Do you value authenticity?

We can do great things together!

See our job openings

The C-Risk team

C-Risk is above all a team of cybersecurity enthusiasts who place their expertise in information security at the service of their clients.

  • Christophe sur arriere plan flou sizee.jpeg

    Christophe FORET

    Co-founder of C-Risk

    He is currently in charge of customer support, he works on the FAIR™ standard in Europe, and he takes leadership on matters regarding C-Risk's management.

  • Tom sur arriere plan flou sizee.png


    Co-founder of C-Risk

    Prior to creating C-Risk, Tom led a practice of about 40 people at Dell on digital transformation issues. Tom is in charge of delivery and of the technical aspects of the operation. He also provides support to our clients.

  • Lydie arriere-plan-flou- 2 sizee.jpeg

    Lydie AUBERT

    Director of Marketing

    Lydie joined C-Risk in 2016 after several spent in Canada. Now she operates from Nantes; she is in charge of marketing and is also involved in the development of C-Risk (recruitment, business processes). She has worked in various sectors: show production, software, energy efficiency.

  • avatar femme

    Lydie LAOUENAN

    Finance and administrative management

    Lydie joined C-Risk in 2020 and she is responsible for financial and administrative management. Before taking on this daunting task, Lydie worked in the subsidiary of an Italian group and as a freelancer for VSEs and SMEs. Lydie has also taught taxation and HR courses to 2nd and 3rd year in a French Business School.

  • gerard-carroll

    Gerard CARROLL

    Cyber Security Consultant

    Gerry joined C-Risk in January 2022 as a Cyber Security Consultant focusing on Cyber Risk Quantification and Cyber Security Governance. He has CISSP certification and has worked in IT for over 10 years across various industries.

  • elodie-huet

    Elodie HUET

    Cyber security and risk consultant

    Elodie is a Certified Information System Auditor (CISA) as well as a certified business continuity professional (AMBCI). She is an award-winning business resilience professional with over 7 years of practice in business continuity, risk management, crisis management, cyber security governance risk and compliance. She is enthusiastic, fun, punctual and always up for a challenge.

  • matthias pouyanne

    Matthias POUYANNE

    Cyber Security Consultant

    Engineer and former Senior Consultant at Wavestone, Matthias joined C-Risk early September 2022. His 5 years as a Wavestone cyber consultant helped him build his two main expertise: risk management, and detection and response capabilities strategy and governance. Passion, thoroughness, and creativity are his guidelines.

Cybersecurity consulting

At C-Risk, a cybersecurity consultant never works alone. This is how we can share best practices in cyber risk management and continuously help each other improve our skills, all for the benefit of our clients.

Preparation phase

We research information about our client, their sector of activity, etc. We analyse their request, set up a methodology and determine how many risks need to be assessed.

Kick off

We present the project to our client: how many weeks of support we have planned for, who needs to be interviewed, which method is going to be implemented, examples of deliverables, etc.

Project implementation

We collect data on the client's market, we study the company to determine its value chain and its main assets, we choose which scenarios to test, then we quantify the risks, and finally, we make recommendations to the client.

These assignments could become yours

One of our latest assignments took place at the headquarters of a large international firm of 80,000 people. Our goal was twofold:

Demonstrate that we could identify and quantify the main cyber risks within just a few weeks.

Define the nature and estimate the amounts of the losses our client might be confronted with in our crisis event scenarios, in order to support their negotiations on cyber insurance coverage and excess.

The application cases of quantification are numerous and always differ depending on the sector of activity, the geography, the size and the maturity of the client’s organisation. This makes our services very rewarding and always diverse.

You want to work with us?

4 good reasons to join C-Risk

All you have to do is meet us to make up your own mind

A rewarding job

We assist company managers with strategic decision-making issues. To achieve synergy and to produce good value, you will carry out the missions from start to finish as part of a team. Thanks to partnerships with players in this field and to the creation of the European branch of the FAIR™ Institute, C-Risk is recognised for its expertise in quantification.

A balance between your professional and personal life

You can work from wherever you like (at the office, at home, in a coworking space, etc.) and with the equipment you need (double screen, comfortable chair). You can also adapt your working hours to suit your personal life. The important thing is that the work gets done, not the time of day it gets done.

The development of your expertise

Between assignments, there is time dedicated to developing collective and individual expertise. A great amount of leeway is given and prerogatives are granted depending on each individual’s quality of work, abilities, and desires.

An input on strategic decisions

In order to go further and to share ideas, the co-founders seek to involve their teams in the company’s strategy. Each year, the roadmap is established with all employees during strategic meetings.