About EQUANS

Equans is a global leader in energy and services, with €19.2 billion in annual revenue* and nearly 800,000 yearly projects across continents. With 90,000 skilled employees, the company delivers expertise in electrical and thermal engineering, HVAC, refrigeration, robotics, energy performance, digital solutions, IT and cybersecurity.

Within this ecosystem, the Corporate Cyber GRC function provides the foundational governance, risk management, compliance framework, awareness initiatives and third‑party oversight that shape the Group’s overall cybersecurity posture.

What Makes This Role Truly Exciting

• You operate at the highest strategic level: this is a Corporate level position, shaping the rules, standards and cyber direction for the entire Equans Group.
• A transversal and high impact role: your work influences 90,000 employees at worldwide scale.
• A genuinely diverse scope: governance, risk management, compliance, methodologies, audits, awareness, project support… no repetitive routines here.
• A role of influence: you help define policies, structure practices, and shape Group‑wide cybersecurity expectations.
• Strong autonomy: you contribute ideas, drive initiatives, challenge approaches and help the organization evolve.
• A global environment: daily interactions with entities worldwide, each with unique operational realities and maturity levels.
• Top‑management visibility: your reporting and analyses support executive‑level decision‑making.
• Perfect for curious, agile and versatile minds: ideal if you enjoy switching contexts and navigating complexity.

Why Join the Corporate Cyber GRC Team?

• You help shape Group‑wide cybersecurity strategy.
• You work across borders, business units and disciplines.
• You learn constantly thanks to the role’s diversity and global exposure.
• You join a supportive, ambitious and pragmatic team.
• You unlock strong career development opportunities, both within cybersecurity and across the broader Equans organisation.

Your mission

As a Corporate Cyber Governance, Risk & Compliance Analyst, you contribute to designing, maintaining and steering the Group’s cybersecurity governance framework. Reporting directly to the Group Head of Cyber GRC, you work closely with entities worldwide to ensure alignment, coherence and continuous improvement of the overall cyber posture.

Your purpose: set the direction, drive consistency, and support change across a global, multi‑expertise organization.

Your Responsibilities

Governance & Policy Framework

• Organize and coordinate governance committees with CISOs across the Group.
• Define, maintain, and evolve Group cybersecurity policies and standards.
• Ensure alignment with ISO 27000, regulatory requirements and legislative developments.
• Support entities in understanding, applying and operationalizing Group expectations.

Cyber Risk Management

• Deploy and continuously improve the Group’s risk management methodologies, including third‑party assessments.
• Consolidate Group‑wide risk insights and produce executive‑level reporting.
• Manage, document and monitor cybersecurity exceptions within the risk framework.

Compliance & Audit Follow‑Up

• Coordinate Group level audit and compliance initiatives.
• Drive and monitor remediation plans to ensure issues are properly addressed.

Awareness & Culture Change

• Roll out Group cybersecurity awareness initiatives and contribute to developing a strong security culture.
• Support managers and operational teams in adopting best practices and embedding cyber reflexes into daily operations.

Support to Strategic Projects

• Ensure cybersecurity is embedded in Group and entity projects.
• Act as a trusted GRC advisor for IT, Digital and Business stakeholders.

Coordination Across Entities

• Collaborate with local cybersecurity leads to support and challenge their practices.
• Foster harmonisation and strengthen overall Group cyber maturity.

Your profile

Education & Experience

• Familiarity with ISO 27000 standards,
• Experience in cybersecurity (no need for 10+ years, but you must understand the fundamentals well).
• Without being a technical expert, you have enough hands‑on exposure to IT or cybersecurity topics to understand project contexts, constraints and risks.

SKILLS

• Broad understanding of cybersecurity domains and the role of each stakeholder.
• Ability to simplify, communicate and influence diverse audiences — from field teams to executives.
• Strong analytical and synthesis skills; curiosity to explore varied contexts.
• Capacity to design simple, pragmatic and efficient processes and policies.

MINDSET

• Naturally curious, eager to learn, and comfortable adapting to new challenges.
• At ease in complex, international and fast‑evolving environments.
• Versatile, autonomous, and capable of constructive challenge.
• Strong sense of ownership and initiative.