Regional Chief Information Security Officer (CISO) - EU Operations

About Triple-A

Triple-A is a global payment institution licensed in the United States, Europe, and Singapore, enabling businesses worldwide to pay and get paid in both local and digital currencies.

We empower businesses to reach over 560M digital currency owners, boost revenue, and optimise costs through stablecoin and cryptocurrency payments, while eliminating volatility, custody, and compliance risks. Our commitment is to build a more efficient, inclusive global payment ecosystem by bridging the gap between local and digital currencies.

Registered with the United States Financial Crimes Enforcement Network (FinCEN), licensed by the Monetary Authority of Singapore (MAS), and Banque de France’s ACPR in Europe, Triple-A is trusted by over 20,000 businesses worldwide to make global crypto payments simple, secure, and cost-effective. For more information, visit www.triple-a.io .

Join the team

We are a dynamic and passionate team building towards a more efficient global payment ecosystem. We actively bridge the gaps in cross-border payments, between traditional & digital currencies, and Web2 and Web3.

Guided by our CEO, Eric Barbier, who brings 20 years of experience and a proven track record in building and scaling payment companies worldwide, Triple-A is growing our team. If you’re bold, tenacious, and creative, we believe you’d be a perfect match for us!

The Role

Triple-A is seeking a highly driven and ambitious information security leader to step into a pivotal role as our Regional Chief Information Security Officer (CISO) for France and the wider European Union. This is an exceptional opportunity for a seasoned security professional ready to take on a comprehensive leadership challenge, establishing and maturing our information security posture, ensuring robust compliance with critical local and EU regulations (particularly ACPR and GDPR), and safeguarding our innovative financial services in a dynamic and rapidly evolving fintech landscape. You will be instrumental in shaping our security future across the EU, with a primary focus on our French operations.

Key Responsibilities :

• Strategic Leadership : Develop, implement, and monitor a comprehensive information security and risk management strategy and program specifically tailored for Triple-A's French and EU operations, while ensuring alignment with the global cybersecurity framework. You will be empowered to drive significant security initiatives.
• Regulatory Compliance : Serve as the primary point of contact for all cybersecurity matters related to French and EU regulations. Ensure full compliance with ACPR requirements, GDPR, and other relevant data protection and cybersecurity directives (e.g., DORA, NIS2 if applicable). Proactively engage with regulatory bodies and auditors as required.
• Risk Management : Identify, evaluate, and mitigate information security risks across French / EU operations. Drive the execution of regular risk assessments, vulnerability assessments, penetration testing, and business impact analyses.
• Security Operations & Incident Response : Oversee and enhance security operations for the region, including threat intelligence, incident detection, response, and recovery. Develop and maintain an effective incident response plan for French / EU operations.
• Policy & Governance : Develop, implement, and enforce information security policies, standards, procedures, and guidelines in accordance with French / EU regulations and global company policies, building a strong security governance framework.
• Security Architecture : Provide expert guidance on the security design and architecture of new and existing systems, applications, and infrastructure deployed or utilized within the French / EU context, particularly concerning payment gateways and crypto-asset security.
• Awareness & Training : Champion a strong culture of security awareness within Triple-A through engaging training programs and ongoing communication.
• Collaboration & Reporting : Work closely with the global cybersecurity team in Singapore, local IT, compliance, and business units in France. Provide clear and concise reports on the regional security posture, risks, and compliance status to local management and the Global Head of Cybersecurity.
• Vendor & Third-Party Risk Management : Assess and manage information security risks associated with third-party vendors and partners operating within the French / EU scope.
• Budget Management : Develop and manage the cybersecurity budget for French operations, ensuring optimal allocation of resources and demonstrating ROI.

Qualifications & Experience :

Education :

Experience :

Regulatory Knowledge :

Technical Expertise :

Certifications :

Languages :

Skills & Attributes :

What We Offer :