About Mirakl
Founded in 2012, Mirakl has been at the forefront of marketplace innovation, empowering every business to compete in the platform economy. Today, Mirakl’s operating system combines an enterprise marketplace solution (Mirakl Platform) that enables retailers and B2B organizations to launch, scale, and operate marketplaces and dropship, AI-powered multichannel selling (Mirakl Connect), retail media (Mirakl Ads) and an agentic commerce infrastructure (Mirakl Nexus). With dual headquarters in Boston and Paris, Mirakl helps a global ecosystem of 450+ marketplaces (B2C and B2B) and a network of over 100k third-party marketplace sellers. Brands like Macy’s, Decathlon, Carrefour, Asos, and Airbus Helicopters use Mirakl to grow their businesses in new and remarkable ways.
The Team You'll Join
You'll be part of our Security team within the GRC (Governance, Risk & Compliance) pillar, led by Maxime Lahaye, Senior Security Officer, based in Paris. Together, you'll be ensuring Mirakl's adherence to security standards and regulations while shaping the future of compliance in an AI-driven world. AI is fundamentally transforming how we work, and you'll join an established team that's at the forefront of this evolution. This is your opportunity to participate in building the GRC infrastructure of tomorrow—where automation, intelligence, and security converge to enable Mirakl's next phase of growth.
Your Impact
1. Compliance & Certifications — Automated
- Contribute to driving and maintaining Mirakl's ISO 27001, ISO 27018, and SOC 2 certifications, leveraging automated GRC platforms to enable continuous compliance monitoring and reduce manual effort.
- Help manage and evolve the ISMS (Information Security Management System), ensuring it reflects both regulatory requirements and Mirakl's evolving AI-driven operations.
- Automate evidence collection, control monitoring, and documentation workflows using modern GRC tooling and AI-powered agents.
2. AI Governance — to build with the team
- Working closely with your manager and the Security team, co-design and evolve Mirakl's AI usage governance framework: acceptable use policies, data classification for AI inputs, shadow AI detection, and AI vendor risk assessment.
- Maintain a live inventory of AI tools used across the company and contribute to the risk-based process for evaluating and onboarding new tools.
- Participate in internal awareness and training initiatives on responsible AI use across all departments.
- Monitor the AI governance regulatory landscape and help adapt Mirakl's framework proactively.
3. Security by design across all company projects
- Partner with Product and Engineering teams early in project lifecycles — whether AI-powered or not — to embed security and compliance requirements from the start.
- Participate in risk reviews across all types of product and platform initiatives, with specific attention to AI-related threat vectors where applicable (prompt injection, data leakage in LLMs, access control for models).
What You'll Bring to the Role
Experience:
- Master's degree (Bac +5).
- Minimum 3 years of experience in GRC security.
- Experience in a consulting firm, technology company, or equivalent role is a plus.
- Strong understanding of compliance frameworks and security standards.
- Scripting or development experience.
Skills:
- Proactive and autonomous with strong organizational and problem-solving abilities.
- Excellent communication and pedagogy skills to influence technical and non-technical stakeholders.
- Integrity and ethics as core values.
- Ability to work collaboratively in extended teams.
- Experience with web application and cloud (SaaS) security, as well as professional certifications (CISM, CISSP, ISO), is a plus.
Tools Used
- Drata
- AWS, GCP
- N8N
- Python
- Office Suite / Google Workspace
Languages
- Fluent in French and conversational English