Didask is a SaaS eLearning solution that enables organizations to create effective online training programs with ease and strong pedagogical foundations. It is the first platform on the market to integrate a pedagogical assistant, designed by our researchers based on recommendations from cognitive science research. This innovative technology generates tailored training frameworks aligned with your learners' cognitive needs and guides you step-by-step in designing adaptive learning experiences with proven educational impact.
Our platform also leverages cutting-edge Generative AI (GenAI) capabilities, enhanced by our deep expertise in cognitive science. Unlike generic AI tools, Didask’s GenAI is specifically designed to meet the unique challenges of learning and training, ensuring outputs that are not only innovative but also scientifically grounded and pedagogically effective.
As a French EdTech company, Didask was founded by researchers from the prestigious École Normale Supérieure (ENS) in Paris, driven by a passion for education and pedagogy. Since late 2021, we have been supported by a European investment fund that drives our growth and ambitious development projects.
At Didask, we combine advanced research, innovative AI, and a mission to make impactful learning accessible to all. Join us to help shape the future of education!
Job description
As Security & Compliance Lead at Didask, you will serve as our Information Security Officer and Data Protection Officer (DPO), representing Didask both internally and externally on all security and privacy matters. Your mission: ensure we operate at the highest standards while maintaining our agility, by selecting and implementing the right compliance frameworks.
Working closely with engineering teams and interfacing with prospects, customers, auditors and authorities, you'll have a broad scope of ownership:
Privacy & Data Protection: As our Data Protection Officer, you'll be responsible for our global privacy strategy. Define and enforce privacy policies, oversee privacy impact assessments, handle data subject requests, and represent Didask with supervisory authorities.
Security & Compliance Programs: Maintain our ISO 27001 certification and Qualiopi compliance. Define our certification roadmap (e.g., SOC 2) based on market requirements. Establish policies, coordinate audits, and manage our compliance platform (Vanta).
Enterprise Security Reviews: Lead security questionnaire responses for enterprise prospects. Create and maintain documentation for customer due diligence. Partner with sales teams to address security concerns during the sales process.
Program Management: Build and maintain our security training program. Report on security metrics and compliance status. Lead incident response planning and testing. Manage security vendors and external auditors.
We're looking for someone who can bridge the gap between technical requirements and business processes. Here's what we expect:
Team Culture: You excel in our transparent, written-first environment where we value clear documentation and async communication. You share our belief that security and privacy should be built on openness rather than obscurity. You have experience fostering a security-minded culture across an organization.
Leadership & Ownership: You take ownership of your domains while knowing when to involve others. You're proactive in identifying and addressing issues, but also systematic in how you implement solutions. You're comfortable making decisions with incomplete information while maintaining rigorous follow-through.
Communication Excellence: Exceptional ability to present security and privacy topics to diverse audiences. Experience addressing enterprise prospects' security concerns during sales cycles. Outstanding documentation skills for both internal processes and customer-facing materials. Strong presentation abilities with a track record of building trust with technical and business stakeholders.
Regulatory & Compliance Expertise: Deep understanding of privacy and security regulations. Experience translating complex regulatory requirements into practical measures. Strong analytical skills for interpreting legal frameworks and standards. Track record of building compliance programs that support rather than hinder business growth.
Security Experience: Significant experience managing compliance programs (ideally including ISO 27001). Strategic mindset for identifying and prioritizing certifications. Track record of successfully passing external audits.
Technical Background: Solid grasp of cloud security architecture and controls. Ability to understand and validate technical implementations. Experience with compliance automation platforms. Knowledge of secure development practices.
Apply by answering a few written questions about your experience and vision for security at Didask.
If your profile matches our needs, here's what to expect:
A screening interview to discuss your background and approach to security.
A take-home exercise focused on a compliance scenario.
A technical discussion with engineering leads about security architecture.
A final conversation with product leadership about vision and strategy.
Didask is transitioning to English as our internal working language in 2025. Professional proficiency in English is required. Speaking French is optional. The team will make sure you never feel excluded if you don't.
Unless specified otherwise, all our positions are remote-first. At the moment, we can only accept candidates who are French fiscal residents. You can work from anywhere in a timezone close to ours, as long as you have good working conditions (including a good Internet connection for fluid videoconferencing).