Security Certification Manager

Ledger

Ledger

Paris, France
Posted on Thursday, July 4, 2024
We're making the world of digital assets accessible and secure for everyone.
Join the mission.
Founded in 2014, Ledger is the global platform for digital assets and Web3. Over 20% of the world’s crypto assets are secured through our Ledger Nanos. Headquartered in Paris and Vierzon, with offices in the UK, US, Switzerland and Singapore, Ledger has a team of more than 700 professionals developing a variety of products and services to enable individuals and companies to securely buy, store, swap, grow and manage crypto assets – including the Ledger hardware wallets line with more than 6 millions units already sold in 200 countries.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Have a look at our Origins video here.
At Ledger, we embody the values that make us unique: Pragmatism, Audacity, Commitment, Trust and Transparency. Hear from our employees how they shape the work we do here.
The main purpose of this role is to consolidate and drive security projects across different teams such as:
- coordinating and ensuring the application of security recommendations in engineering teams.
- Implement quality and security indicators for the various product lines.
- Support the maintenance of the current certifications according to the First Level Security Certification Scheme (CSPN)
Ledger is therefore looking for a Security Project Manager to contribute to this product security program.

Your mission

  • Project Management:
  • Plan, execute, and oversee security-related projects from initiation to completion, ensuring timely delivery and within budget.
  • Define project scope, goals, and deliverables in collaboration with stakeholders and team members.
  • Monitor project progress, identify risks and issues, and implement mitigation strategies to ensure successful project outcomes
  • Develop a strong interaction with all of the stakeholders (both internal and external)
  • Security Governance
  • Produce all the documents related to the different schemes: assessment file, security target, cryptographic mechanisms description…Propose technical solutions so that the certifications is not only easier to implement but also easier to maintain
  • Prepare the file related to the security assessment
  • Stakeholder Communication
  • Communicate project status, updates, and outcomes to senior management, stakeholders, and cross-functional teams.
  • Facilitate meetings, workshops, and training sessions to engage with internal teams and promote security awareness and best practices.

What we’re looking for

  • Flexibility, adaptability and willingness to learn new technologies
  • Knowledge regarding CSPN security evaluation scheme
  • Experience with the implementation and the management of a product certification program (from an implementer or auditor perspective)
  • In-depth knowledge of cryptographic mechanisms (symmetric, asymmetric cryptography, Hash, DH…)
  • Fluency in English
  • Strong writing skills
  • Solid project management skills (Gantt, WBS)
  • Clear and effective communication style both internally (security team, development team, etc.) and externally (ANSSI, independent security laboratories)
  • Knowledge and/or willingness to learn about upcoming regulations and their possible impact on Ledger (such as Cyber Resilience Act (CRA), Network and Information Security 2 (NIS2), EUCC scheme)
  • Knowledge about blockchain will be considered an asset

What’s in it for you?

  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow.
  • Flexibility: A hybrid work policy.
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage.
  • Well-being: Personal development, coaching & fitness with our dedicated partners.
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days.
  • High tech: Access to high performance office equipment and gadgets, including Apple products.
  • Transport: Ledger reimburses part of your preferred means of transportation.
  • Discounts: Employee discount on all our products.
We are an equal opportunity employer for all without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability or age.
#LI-HG #LI-Hybrid