- Company Name
- Phishia
- Job Title
- Cybersecurity Governance, Risk & Compliance Internship Consultant (GRC)
- Job Description
Job title: Cybersecurity Governance, Risk & Compliance Internship Consultant (GRC)
Role Summary:
Support the expansion of a cybersecurity consulting practice by conducting risk assessments, developing security policies, and preparing for regulatory audits. Act as a liaison among technical, development, and management teams to embed security controls across projects and operations.
Expectations:
- Highly dynamic, engaged, and eager to drive growth.
- Ability to work independently, translate technical issues into actionable recommendations, and maintain rigorous documentation.
Key Responsibilities:
- Perform and formalize risk analyses (EBIOS RM), create security documentation, hardening policies, and vulnerability management plans.
- Define technical security measures: network segmentation, OS hardening, monitoring, access control, logging.
- Ensure traceability of security requirements throughout project and operational cycles (deliverable reviews, action plan tracking, integration testing).
- Collaborate with systems, dev, network, CSIRT, and IT management teams.
- Prepare and support compliance audits (ISO 27001, NIS 2, LPM, SecNumCloud, etc.).
- Contribute to internal methodology development (reference frameworks, models, guides).
- Maintain active monitoring of technology, normative, and regulatory developments in integrated cybersecurity.
Required Skills:
- Proficiency with EBIOS RM, ISO 27001, NIST, ANSSI, LPM, NIS 2 frameworks.
- Strong understanding of Linux/Windows environments, hardening principles, and network architecture.
- Experience in security project integration, technical audit, or IT security governance.
- Excellent written communication, autonomy, and precision.
- Comfortable in multi‑stakeholder environments and translating technical requirements into operational guidance.
Required Education & Certifications:
- Graduate of an engineering school or Master’s (Bac +5) with specialization in cybersecurity, systems, networks, or IT architecture.
- Relevant certifications (e.g., ISO 27001 Lead Auditor, CISM, CISSP, or equivalent) preferred.