ISMS Apprentice (Information Security Management System) na Netatmo

Our Mission 🚀

We imagine and design revolutionary, intuitive, and beautifully designed connected objects. More than just products, our smart innovations offer you a perfectly seamless experience for a safer, healthier, more comfortable, and more environmentally friendly everyday life.

From mechanics to electronics to embedded software, every aspect of our products is designed to the highest standards. Our web and mobile applications combine simplicity with a rich user experience.

To further advance the connected home revolution, we have formed strategic partnerships with companies such as Velux (roof windows), Muller (electric radiators), Engie, and Vaillant (boilers).

Our history took on a new dimension in November 2018 when we joined the Legrand Group, the world leader in electrical and digital building infrastructures. We continue to develop our brand and our products independently within the group.

Who are we? 🧑‍🤝‍🧑

Netatmo is above all a human adventure: talented individuals united around a common project. Our ambition is to create remarkable products and build a company where people enjoy working.

We cultivate a spirit of community that goes far beyond professional projects. Because for us, everyone's fulfillment is a priority, and creativity doesn't always come from behind a desk.

As an ISMS apprentice, you will actively contribute to our team in the implementation, audit preparation, and continuous improvement of our Information Security Management System (ISMS) aligned with the ISO 27001 standard. This operational position offers an excellent opportunity to develop solid skills in cybersecurity governance, data protection, and risk management in a collaborative and stimulating environment.

Your main responsibilities :

• Support for the SMSI project: Assist with the coordination, monitoring, and documentation of activities related to the SMSI, particularly in view of the ISO 27001 audit scheduled for November 2025 and the renewal activities that will follow.
• Support for data deletion: Participate in the implementation and monitoring of information deletion processes in accordance with internal policies and GDPR requirements (basic knowledge of the GDPR would be a plus).
• Supplier security assessment: Contribute to the security assessments of external service providers by participating in the review of documents, questionnaires, and follow-up actions to ensure compliance with ISO 27001 requirements.
• Cybersecurity governance: Participate in initiatives to strengthen the organization's overall security framework.
• Security awareness and communication: Help promote understanding and adoption of ISO 27001 policies and cybersecurity best practices among internal teams.

What you will gain:

• Practical experience in information security audits and compliance projects.
• Practical knowledge of ISO 27001 implementation and renewal processes.
• Familiarity with international standards and regulatory frameworks.
• Opportunity to work with multidisciplinary teams on a variety of cybersecurity-related topics.
• Solid foundation for a career in cybersecurity, risk management, or ISMS governance.

Required skills :

• Teamwork : Enjoys collaborative work and contributes effectively to common goals.
• Problem-solving skills : Able to think critically and actively engaged in finding concrete solutions.
• Organizational skills: Comfortable managing tasks and proactively following up on project-related actions.
• Willingness to learn: Curious, proactive, and motivated to deepen knowledge of cybersecurity and compliance.
• Fluency in spoken and written English.

Education and knowledge :

• Desired education : Master's degree in engineering, technical fields, or related areas.
• Experience : Initial experience in cybersecurity or information security is preferred.
• Relevant courses : Information security, cybersecurity, risk management, or project management.
• Knowledge of standards : Basic knowledge of ISO 27001 is preferred; awareness of ISO 9001 or ISO 31000 would be an asset.
• Regulatory knowledge : Familiarity with the GDPR and fundamental data protection principles is appreciated.

Benefits :

💰

• Vacation bonus
• CET: time savings account
• PERECO contribution
• Allowance for purchasing teleworking equipment
• 50% reimbursement of transportation costs
• Soft mobility allowance

⏱️

• Eco-friendly building with concierge service
• On-site gym (with showers)
• Meal vouchers
• Access to the inter-company restaurant & food court
• Remote working
• 100% paperless health insurance: Alan
• Access to an e-learning platform.

⚽

• Several board games, a ping-pong table, and foosball table available during breaks
• Parking for your car, motorcycle, and bicycle, subject to availability