Cyber ​​security and risk management consultant

Full-time - Paris La Défense

Why work at C-Risk?

C-Risk is a start-up and a European leader in consulting, outsourced services and training on the financial quantification of cyber risks (CRQ). We help organizations understand and measure cyber risks in financial terms to improve information security governance and increase their cyber resilience. In addition to this, you need to know more about it. The quantification of cyber risks is becoming an essential asset to improve decision-making on investments in security controls. Joining the C-Risk team is an opportunity to work in an organization passionate about Cyber ​​Risk Quantification (CRQ) and which aims to become the European leader in this exciting new field. Our team is international and multicultural. We appreciate employees who are curious, attentive, very autonomous and ready to adapt easily in the context of our rapid growth.

Job Description

We are looking for an experienced Cyber ​​Security and Risk Management Project Manager to lead our risk quantification missions across Europe. You are fluent in English and your role will be to ensure that projects are completed on time and on budget and meet set goals.

Our services focus on:

  • The measurement of the cybersecurity posture
  • Assessment of the level of compliance with standards and control frameworks such as ISO27001, NIST, GDPR and PCI-DSS
  • The quantification of risks in financial terms using the methodology
  • Defining roadmaps to increase cyber resilience using the results of CRQ analysis and control posture.

Your Role

Pre-Sales Activities:

  • Presentation of C-Risk solutions in the areas of scoring and quantification of cyber risks and using this data to improve the governance of information security.
  • Discovery of customer needs and pain points.
  • Design, documentation, and presentation of consulting offers.


Project management services:

  • Project scoping
  • Coordination of consultant activities
  • Project reporting
  • Contribution to the interpretation and presentation of results to an executive audience.

Cyber Risk Quantification:

  • Using the FAIR framework: scoping of risk scenarios, collection & estimation of security controls and event data, collection & estimation of financial impact data, analysis & interpretation, decision making using the CRQ output.
  • Using CRQ Software platforms (Configuration, running scenarios etc..)
  • Tailoring and presenting results to the customer including interaction with executive level stakeholders.
  • Using and Contributing to the C-Risk knowledge library of Cyber Risk Scenarios.


We will provide extensive training on the FAIR CRQ framework and the corresponding software platforms which we use to deliver our services.

Required skills

  • University Degree ideally with a specialisation in computer science, business, economics and/or IT Security. 
  • You have 10 years of experience, including 5 as a consultant in IT security and / or cyber risk management.
  • You will be comfortable working with both cyber security controls and measurement of the financial impact of incidents.


  • Information security governance
  • Cyber security maturity and controls standards such as CIS, NIST, ISO27001, CVSS, etc..
  • Risk management concepts and standards such as ISO 31000, 2700X, FAIR, EBIOS or equivalent. 
  • High level understanding of GDPR and associated data Privacy controls.
  • Comfortable working with the financial measurement of security incidents You will enjoy building and using excel models.
  • Comfortable collecting defendable data to measure scenarios. 

Ideally, you have an information security certification such as CISSP, CRISC, CISM, or CISA. This is not mandatory, but you must have the motivation to obtain the CISSP certification with our assistance.  

You have a critical and analytical mind allowing you to quickly understand customer issues and to produce quality deliverables.


Excellent verbal and written communicator, you are bilingual French / English and you have excellent interpersonal skills required to develop a trusted advisor relationship with our clients. You will have worked for at least 2 years in an English-speaking environment. We will consider certain candidates who do not speak fluent French but are native English speakers. 

Fill out this form to apply

We study each of the applications we receive and get back to you as soon as possible.

Icon text-input *
Icon number-input *
Icon url-input *
Icon url-input *

By continuing to browse this site, you accept our CGU as well as our Privacy Policy