Security Engineer

About Triple-A

Triple-A is a global payment institution licensed in the United States, Europe, and Singapore, enabling businesses worldwide to pay and get paid in both local and digital currencies.

We empower businesses to reach over 560M digital currency owners, boost revenue, and optimise costs through stablecoin and cryptocurrency payments, while eliminating volatility, custody, and compliance risks. Our commitment is to build a more efficient, inclusive global payment ecosystem by bridging the gap between local and digital currencies.

Registered with the United States Financial Crimes Enforcement Network (FinCEN), licensed by the Monetary Authority of Singapore (MAS), and Banque de France’s ACPR in Europe, Triple-A is trusted by over 20,000 businesses worldwide to make global crypto payments simple, secure, and cost-effective. For more information, visit www.triple-a.io.

Join the team

We are a dynamic and passionate team building towards a more efficient global payment ecosystem. We actively bridge the gaps in cross-border payments, between traditional & digital currencies, and Web2 and Web3.

Guided by our CEO, Eric Barbier, who brings 20 years of experience and a proven track record in building and scaling payment companies worldwide, Triple-A is growing our team. If you’re bold, tenacious, and creative, we believe you’d be a perfect match for us!

About the Role

We are seeking a hands-on Security Engineer to strengthen our security posture. You will embed security into our cloud infrastructure, applications, devops pipelines and operational processes, ensuring compliance with global regulators and industry standards. You will partner with engineering, compliance and product teams to anticipate, detect and mitigate security risks in our platform.

Key Responsibilities

• Design, implement and maintain security controls for cloud environments and on-premise systems
• Conduct threat modeling, code reviews and architecture risk assessments for new features
• Manage vulnerability management program: regular scans, prioritization, remediation verification
• Develop and maintain security monitoring (SIEM/SOAR), intrusion detection and alerting workflows
• Lead incident response: triage, forensics, root-cause analysis, reporting to regulators as required
• Automate security testing within CI/CD pipelines (SAST, DAST, container and infrastructure as code checks)
• Define and enforce identity and access management policies
• Collaborate with compliance teams to support audits and certifications
• Coach engineering teams on secure coding practices, facilitate security training and awareness programs
• Stay current on blockchain-specific threats, including wallet and key-management attacks, consensus-layer exploits, and exchange and custody vulnerabilities

Qualifications & Experience

• Bachelor’s or Master’s degree in Computer Science, Information Security or related field
• 3+ years’ experience in application/cloud security, ideally in regulated environments such as financial services, payments or digital assets
• Strong hands-on skills: threat modeling, vulnerability scanning tools, pen-testing frameworks, SIEMs, Kubernetes security
• Familiarity with blockchain fundamentals, crypto key management and wallet security, plus an understanding of consensus-layer and exchange/custody-related threats.
• Familiarity with global regulatory and compliance frameworks for financial services, payments and digital assets.
• Experience embedding security into Agile/DevOps workflows, infrastructure as code
• Relevant certifications desirable: CISSP, OSCP, CCSK, CISM, CRISC, AWS/Azure security specialty

Core Competencies

• Analytical problem-solving and strong attention to detail
• Excellent communication skills; able to translate technical risks into business impact for stakeholders
• Self-motivated, collaborative team player in a fast-paced, global environment
• Continuous learner, proactive in researching and applying new security technologies