Job details
DETAILS
Role: Chief Information Security Officer (CISO)
Department : Kepler Cheuvreux
Duration : CDI
Start date : asap
Location : Paris
Compensation : 80'000 € to 140'000 € per year (negotiable)
KEPLER CHEUVREUX :
Kepler Cheuvreux is a leading independent European financial services company that specialises in Research, Execution, Fixed Income and Credit, Listed Derivatives, Structured Solutions, Corporate Finance, and Asset Management.
The Group employs around 650 people and is present in 14 major financial centres in Europe, the US and the Middle East: Amsterdam, Brussels, Dubai (DIFC), Frankfurt, Geneva, London, Madrid, Milan, New York, Oslo, Paris, Stockholm, Warsaw, and Zurich.
Group key figures:
- 1st independent European equity broker
- 1st Equity Research coverage in Continental Europe
- 1st Country Broker and Research (Extel 2025)
- World's Best Broker (Euromoney Capital Markets Awards 2025)
- 14 major financial centres in Europe, the US and the Middle East
- +650 employees
- +1'300 institutional clients
We are seeking a Chief Information Security Officer (CISO) to lead our cybersecurity and IT risk framework. Reporting to the Management Board, you will ensure the resilience and compliance of our financial systems across a highly regulated international environment.
Based in Paris (with frequent travel to London), you will be the primary authority on cybersecurity, ensuring alignment with DORA, NIS2, EBA, and ESMA regulations. You will safeguard critical infrastructures, client data, and business continuity while working closely with Technology, Risk, and Compliance departments.
YOUR TASKS :
Governance & Compliance: Maintain security indicators and manage regulatory reporting for ACPR and AMF, including delivering reporting metrics. Lead the quarterly COSSI (IT Security Committee) and drive audit readiness.
Strategy & Risk Management: Build a risk-based strategy focused on DORA's critical functions (execution, payments, settlement). Maintain the IT risk register (Cloud, Third-party, Obsolescence).
Operational Security: Oversee threat detection, vulnerability management, and patching. Lead the Incident Response Plan and coordinate cross-departmental crisis management.
Operational Resilience: Manage Business Continuity (BCP) & Disaster Recovery (DRP), mapping critical functions and impact tolerances in line with EBA guidelines.
Third-Party Oversight: Assess security risks for outsourcing, cloud providers, and trading applications, ensuring contract compliance.
Security Culture: Drive phishing simulations, penetration testing, and tailored cyber-awareness training.
Resource & Budget Oversight: Manage the security function's budget, overseeing annual requests and contract negotiations. Ensure the cost-effectiveness of security tools and services while maintaining a high level of operational resilience and regulatory readiness.
YOUR PROFILE & SKILLS :
Regulatory Expertise: Mastery of DORA, NIS2, GDPR, and ISO 27001/NIST standards within the financial sector.
Technical Depth: Solid understanding of trading systems, payment infrastructures, cloud security, and network segregation.
Strategic Leadership: Ability to translate technical vulnerabilities into business impacts for the Board and Executive Committees.
Communication: Proven track record of interacting with regulators (ACPR/AMF) and managing IT security crises.
Language Requirements: Fluency in English is mandatory (C1/C2 level), as you will regularly interact with our London office and international regulators. Proficiency in French is a plus.
Education & Experience: 10+ years of experience in Cybersecurity or IT Risk, specifically within a regulated financial environment. Relevant certifications (CISM, CISSP, or equivalent) are highly valued.
RECRUITMENT PROCESS:
Please submit your application (CV and Cover Letter) in English only. Applications submitted in other languages will not be considered.
Between 2 and 3 rounds of interviews: both fit and technical questions.
You will need a flexible and creative approach in order to flourish in our international environment and succeed with our diverse client base. If you possess these qualities and would like to be part of Kepler Cheuvreux's story, then come and join us!
Please note that Kepler Cheuvreux promotes equal opportunity. All applications will be given due consideration.
Published on 12/05/2026 - Ref: f0bec7a7c9d643649c81808133deba40