Chief Information Security Officer

About Triple-A

Triple-A is a global payment institution licensed in the United States, Europe, and Singapore, enabling businesses worldwide to pay and get paid in both local and digital currencies.

We empower businesses to reach over 560M digital currency owners, boost revenue, and optimise costs through stablecoin and cryptocurrency payments, while eliminating volatility, custody, and compliance risks. Our commitment is to build a more efficient, inclusive global payment ecosystem by bridging the gap between local and digital currencies.

Registered with the United States Financial Crimes Enforcement Network (FinCEN), licensed by the Monetary Authority of Singapore (MAS), and Banque de France’s ACPR in Europe, Triple-A is trusted by over 20,000 businesses worldwide to make global crypto payments simple, secure, and cost-effective. For more information, visit the team. We are a dynamic and passionate team building towards a more efficient global payment ecosystem. We actively bridge the gaps in cross-border payments, between traditional & digital currencies, and Web2 and Web3.

Guided by our CEO, Eric Barbier, who brings 20 years of experience and a proven track record in building and scaling payment companies worldwide, Triple-A is growing our team. If you’re bold, tenacious, and creative, we believe you’d be a perfect match for us!

The Role

Triple-A is seeking a highly experienced and strategic Chief Information Security Officer (CISO) to lead our information security vision, strategy, and operations for France and the wider European Union. You will be responsible for establishing and maintaining a robust security posture, ensuring compliance with local and EU regulations (particularly ACPR and GDPR), and safeguarding our assets, data, and reputation in a dynamic and rapidly evolving fintech landscape.

Key Responsibilities :

1. Strategic Leadership : Develop, implement, and monitor a comprehensive information security and risk management strategy and program specifically tailored for Triple-A's French and EU operations, while ensuring alignment with the global cybersecurity framework.
2. Regulatory Compliance : Serve as the primary point of contact for all cybersecurity matters related to French and EU regulations. Ensure full compliance with ACPR requirements, GDPR, and other relevant data protection and cybersecurity directives (e.g., DORA, NIS2 if applicable). Liaise with regulatory bodies and auditors as required.
3. Risk Management : Identify, evaluate, and mitigate information security risks across French / EU operations. Conduct regular risk assessments, vulnerability assessments, penetration testing, and business impact analyses.
4. Security Operations & Incident Response : Oversee and enhance security operations for the region, including threat intelligence, incident detection, response, and recovery. Develop and maintain an effective incident response plan for French / EU operations.
5. Policy & Governance : Develop, implement, and enforce information security policies, standards, procedures, and guidelines in accordance with French / EU regulations and global company policies.
6. Security Architecture : Provide expert guidance on the security design and architecture of new and existing systems, applications, and infrastructure deployed or utilized within the French / EU context, particularly concerning payment gateways and crypto-asset security.
7. Awareness & Training : Develop and promote a culture of security awareness within Triple-A France through training programs and ongoing communication.
8. Collaboration & Reporting : Work closely with the global cybersecurity team in Singapore, local IT, legal, compliance, and business units in France. Provide regular reports on the regional security posture, risks, and compliance status to local management and the Global Head of Cybersecurity.
9. Vendor & Third-Party Risk Management : Assess and manage information security risks associated with third-party vendors and partners operating within the French / EU scope.
10. Budget Management : Develop and manage the cybersecurity budget for French operations, ensuring optimal allocation of resources.

Qualifications & Experience :

• Education : Bachelor's or Master’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
• Experience : Minimum of 5+ years of experience in information security, with at least 2 years in a senior leadership role (e.g., CISO, Head of Security, Senior Security Manager). Proven experience in the financial services, fintech, or payments industry is essential. Experience with cryptocurrency payment systems is highly advantageous.
• Regulatory Knowledge : In-depth knowledge of French and EU cybersecurity and data protection regulations, including ACPR specific requirements for payment institutions, GDPR, and ideally familiarity with DORA, NIS2.
• Understanding of international security standards and frameworks (e.g., ISO 27001, NIST, COBIT).
• Technical Expertise : Strong understanding of security domains including network security, application security, cloud security (AWS, Azure, GCP), cryptography, identity and access management, incident response, and disaster recovery. Experience with security technologies such as SIEM, IDS / IPS, WAF, endpoint protection, DLP, and vulnerability scanning tools.
• Certifications : Professional security certifications such as CISSP, CISM, CISA, CRISC, or equivalent are highly desirable.
• Languages : Fluency in French and English (both written and spoken) is mandatory.

Skills & Attributes : Exceptional leadership, communication, and interpersonal skills, with the ability to engage and influence stakeholders at all levels, including regulatory bodies. Strong strategic thinking, analytical, and problem-solving capabilities. Proven ability to operate effectively in a dynamic, fast-paced, and international environment. High ethical standards and integrity. Ability to translate complex technical concepts into understandable terms for non-technical audiences. Proactive, results-oriented, and self-motivated.

What We Offer : A unique opportunity to shape the cybersecurity landscape of a rapidly growing global leader in the cryptocurrency payments space. A key strategic role with significant impact on our French and European operations. Collaboration with a dynamic, innovative, and international team. Competitive salary, benefits package, and opportunities for professional growth. The chance to work at the cutting edge of financial technology.