About SpendHQ
SpendHQ is a fast-growing and dynamic Procuretech Scale-up with an incredible collaborative company culture. Our team is constantly innovating, we invented performance management for procurement and we are a market leader and innovator in spend analytics. We provide procurement teams with the tools they need to drive value for their organization, and we have fun doing it.
The SpendHQ SaaS solution has been on the market for over 10 years. Our clients are recognized market leaders from both mid-size organizations and large, multinational corporations. There are 20,000+ SpendHQ users across 500+ global clients.
It is thanks to each of our employees that we are where we are today. We proudly have more over 100 team members in 10 countries with headquarters in both Atlanta and Lyon. But we are not stopping here. SpendHQ is taking on new challenges, and we look forward to continuing to grow the company and team.
Where would you fit in the team?
As a Security Engineer, you’ll contribute to keeping SpendHQ’s cloud environments secure and compliant across EMEA. You’ll partner daily with Sales, Product/Engineering, IT, HR, and Customer teams, while reporting to the CTO (USA).
What will your job entail?
Develop and implement cloud security controls to protect data across our SaaS environments.
Conduct security audits \& vulnerability assessments on cloud systems and applications.
Maintain security policies \& procedures focused on cloud security and GDPR compliance
Support incident management (including investigation of potential GDPR breaches).
Contribute to sales questionnaires (RFP/RFI/RFQ) on Security \& Compliance topics.
Drive regulatory awareness \& training, helping colleagues adopt security first behaviors.
Collaborate with DevOps/development teams to embed security in the pipeline.
What experience and skills do you need to succeed?
Minimum Experience:
3–5 years in information security (internship/alternance counts), with exposure to GDPR, cloud security, and compliance.
Fluency in English (both written and spoken) as the primary working language. French is required in EMEA context.
In-depth knowledge of data protection laws and regulations, particularly GDPR, and the ability to design security architecture in compliance with these requirements.
What You Bring To the Table:
Familiarity with AWS/Azure/GCP security features and tooling.
Understanding of SOC2, ISO 27001/NIST concepts
Experience contributing to security awareness programs or internal training.
Prior exposure to sales/security questionnaires (RFP/RFI/RFQ)
Strong analytical mindset, rigor, autonomy, and sense of responsibility.
Ability to assess risks and support incident response
Strong collaboration skills. Ability to drive change and bring people together, natural leadership.
Excellent skills in communication and simplification; strong pedagogy and a supportive, guiding approach
Why do people love working at SpendHQ?
At SpendHQ, we are :
Stronger Together: Everyone plays an important role at SpendHQ. We deliver more success through shared goals and mutual support. We work diligently to break down silos and collaborate.
People Focused: We care about those we work with and those we serve. We strive for strong results, but not at the expense of people.
Our Best Every Day: We act with authenticity, integrity, dependability and empathy. We are transparent with clients and each other. We foster an environment full of humble, fun go-getters who approach every day as an opportunity to be their best.
Customer Obsessed: Our customers are the reason for our success. We work hard to provide solutions that make their lives easier and help them achieve extraordinary things.
Bold in Action: We believe in taking daring moves. We do everything with enthusiasm because we know our work is meaningful.
What do you need to know?
Salary commensurate with experience. This is a full-time, salaried position with a competitive benefits package:
Performance bonus
Time-saving account (CET)
Remote work policy
Flexible working hours
15 RTT
Swile Card 11€
Equity Program
Cooptation bonus
The role reports to our CTO based in the USA. The position is based in Lyon, our EMEA Headquarter.
We are an equal opportunity employer and value diversity at our company. We welcome applications from all qualified individuals regardless of race, ethnicity, gender, sexual orientation, disability, age, or any other protected status. If you don’t meet every requirement but believe you would be a great fit, we encourage you to apply!
Important notice: All legitimate SpendHQ recruiting communications come only from email addresses ending in @spendhq.com and relate to roles posted on https://www.spendhq.com/careers/.