Head of Information Security
Alma
il y a 3 jours
Date de publicationil y a 3 jours
S/O
Niveau d'expérienceS/O
Temps pleinType de contrat
Temps pleinAbout Alma
At Alma, we believe sustainable commerce depends on fair, well-balanced trade. Because finance plays a pivotal role in business, our mission is to put it back in its rightful place - serving merchants and consumers. Our installment and deferred payment solutions help merchants boost sales by 20% or more, increase customer loyalty, and deliver a seamless shopping experience - without encouraging bad debt.
As the buy now pay later leader in France and active in 10 European countries, we've empowered over 21,000 merchants and 8 million consumers. With 360+ Almakers and €100M+ ARR, Alma is scaling rapidly across Europe - and we're just getting started.
Your mission
You will lead Alma's Information Security and IT teams (6 FTEs supervised) and report to the General Secretary. You'll define the strategy, steer execution, and foster a culture of security-by-design across the company, partnering closely with executives and cross-functional leaders.
What you'll do Proposal
Manage
At Alma, we believe sustainable commerce depends on fair, well-balanced trade. Because finance plays a pivotal role in business, our mission is to put it back in its rightful place - serving merchants and consumers. Our installment and deferred payment solutions help merchants boost sales by 20% or more, increase customer loyalty, and deliver a seamless shopping experience - without encouraging bad debt.
As the buy now pay later leader in France and active in 10 European countries, we've empowered over 21,000 merchants and 8 million consumers. With 360+ Almakers and €100M+ ARR, Alma is scaling rapidly across Europe - and we're just getting started.
Your mission
You will lead Alma's Information Security and IT teams (6 FTEs supervised) and report to the General Secretary. You'll define the strategy, steer execution, and foster a culture of security-by-design across the company, partnering closely with executives and cross-functional leaders.
What you'll do Proposal
Manage
- Lead a 6-person team across IT and Security; set objectives, coach, and develop talent;
- Structure and prioritize work across roadmap, ensuring delivery and accountability;
- Define the budgetary needs to carry out the defined missions.
- Ensure the company's cyber steering and governance;
- Identify cybersecurity issues and risks;
- Define and maintain security policies, procedures, and guidelines. Ensure their implementation;
- Manage relationships/interfaces with security stakeholders in banking regulation;
- Build and run the information security program, ensuring alignment with key regulations and industry frameworks:
- PSD2, DORA, EBA Guidelines, GDPR.
- SOC 2, ISO 27001, PCI-DSS, and related standards.
- Provide support for cross-functional projects, RFI/RFPs;
- Act as an advisor, providing assistance, information, training, and alerts to various functions/departments (HR, Procurement, Engineering, Sales...).
- Define the organizational and technical measures to be implemented to achieve the defined security objectives. Monitor and measure their implementation;
- Promote a cyber culture for users and management;
- Provide support during assessments and audits carried out by internal and external stakeholders.
- Lead threat detection activities across the different information systems;
- Lead security incident response;
- Ensure that the security crisis management framework is operational.
- Evolve the Business Continuity Plan (BCP) and Disaster Recovery Plans (DRP);
- Define and supervise DRP tests;
- Ensure a cyber-resilience strategy.
- Develop and maintain a strong security awareness program with measurable impact;
- Run regular internal (and when relevant, external) sessions to test and improve adherence to security policies and procedures.
- Proven experience leading Information Security programs in a high-growth, product/tech-driven environment - ideally in the banking & payment sector
- Experience managing combined IT & Security scopes is a plus;
- Team leadership: coaching, hiring, and developing talent; fostering a culture of security-by-design and continuous improvement;
- Excellent stakeholder management and communication skills; comfortable advising executives and collaborating across Engineering, Product, Data, Legal, and People;
- Strong knowledge of SOC2, ISO27001; hands-on track record implementing controls and passing audits;
- Strong knowledge of cloud and systems architectures, databases, and applications.
- Knowledge of security tools and technologies (XDR, EDR, Security Operation center management, vulnerability management, phishing platform, etc.)
- Demonstrated capability in risk management, incident response, and threat-informed decision-making;
- Practical experience with vulnerability management, BCP/DRP;
- Fluency in English;
- Intro call with Talent
- Conversation with Hiring Manager (General Secretary)
- Business Case (with the Infosec team)
- Cross-functional interviews (Legal, Internal Control, Compliance)
- Final conversation with our co-founder
RÉSUMÉ DE L' OFFRE
Head of Information Security
Alma
Paris
il y a 3 jours
S/O
Temps plein
Head of Information Security