Security Engineer


Epigene Labs is a forward-thinking biotechnology firm committed to pushing the boundaries of scientific innovation in oncology. As we continue to advance, we recognize the critical importance of maintaining a strong security posture while ensuring compliance with regulatory requirements. We are seeking a dynamic and experienced Security specialist to join our team and play a key role in safeguarding our data and maintaining regulatory adherence. The company offers full remote working or on-site office at Morning Vivienne, Paris. The candidate has to be located in France or planning to settle in France in order to apply to this position.

We value remote work

  • We welcome fully-remote candidates that fits the criteria below.

  • You should be able to attend retreats and events in the Paris office (around once a quarter).

  • Remote applicants are expected to have at least a 5-hour overlap with the team in Paris.

  • Since we also value in-person work and collaboration, all things being otherwise equal, we will prefer candidates that can connect on a regular basis with the team in Paris.

Job Description

As a Security and Compliance Specialist, you will bridge the gap between software development, cybersecurity and compliance, ensuring that our security measures align with regulatory standards and industry best practices. You will work closely with cross-functional teams to assess risks, develop and implement security policies and procedures, and monitor compliance with relevant regulations. This role offers a unique opportunity to contribute to both the technical aspects of cybersecurity and the regulatory requirements governing the biotech industry. The candidate will also acquire the Data Protection Officer position after the training period.

The responsibilities of this position encompasses the following:

Regulatory Compliance

  • Monitor and ensure compliance with data protection laws, regulations, and industry standards, mainly GDPR and HDS (Health Data Hosting under French law) cybersecurity guidelines.

  • Conduct regular audits and assessments to assess compliance with regulatory requirements.

Policy development and implementation

  • Develop and maintain security policies, standards, and procedures in alignment with regulatory requirements and industry best practices.

  • Implement security controls and measures to mitigate risks and vulnerabilities.

  • Foster a culture of security awareness and compliance throughout the organization and contribute to our Information Security Management System (ISMS).

Risk management

  • Conduct risk assessments to identify potential threats and vulnerabilities to our systems, data, and infrastructure.

  • Develop risk mitigation strategies and work with stakeholders to implement appropriate controls.

Incident responses and investigation

  • Lead incident response efforts in the event of cybersecurity incidents or data breaches, coordinating with internal teams and external stakeholders as necessary.

  • Conduct post-incident reviews and forensic investigations to identify root causes and lessons learned.

Preferred Experience

  1. Master’s degree or equivalent in Computer Science, Information Security, or a related field.

  2. Previous experience (3-4 years or more) as developer, cybersecurity expert or similar, ideally within the biotech, pharmaceutical, or healthcare industry.

  3. Proficiency in the Python programming language.

  4. Strong understanding of cybersecurity principles, regulatory requirements, and industry standards.

  5. Experience with risk management frameworks and methodologies (e.g., ISO 27001).

  6. Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.

  7. Experience in working with Cloud-based environment, specifically Microsoft Azure, would be a strong plus.

Additional Information

  • Contract Type: Full-Time
  • Location: Paris
  • Education Level: Master's Degree
  • Experience: > 3 years
  • Possible full remote