Back

Head of Information Security

Alma is hiring!

About

At Alma, we are convinced that trade must be well balanced to be sustainable. Because finance has a key role in business, our mission is to put it back in its rightful place : at the service of merchants and consumers!

That’s why we create financial products that empower merchants to sell more, and help consumers purchase better products while never encouraging them to get over-indebted.

Our tech solutions are accessible to all, easy to implement, and that eliminate purchase friction.

For merchants, our instalment and deferred payment solutions are excellent ways of increasing customers' loyalty and satisfaction, as well as generating up to 20% extra sales revenues without any risk.

For consumers, the purchase experience is enhanced (4.8/5 on Trustpilot) and Alma helps them handle their budget easily. They pay later, Alma pays the merchants right away.

We are the leader in France, on track to win the European market on the (very) powerful Buy Now Pay Later (BNPL) industry, as we’re now processing payments in 10 European countries. Over the past 7 years, more than 21,500 active merchants have chosen Alma to be their innovative BNPL solution, and we have served over 10 million consumers.

The team has grown from 2 to 340+ people, we raised a €115M series C early 2022 to help us accelerate further and Alma is already part of the French Tech 120 ranking of the most promising French technology companies. And that's only the beginning.

Job Description

About Alma

At Alma, we believe sustainable commerce depends on fair, well‑balanced trade. Because finance plays a pivotal role in business, our mission is to put it back in its rightful place - serving merchants and consumers. Our installment and deferred payment solutions help merchants boost sales by 20% or more, increase customer loyalty, and deliver a seamless shopping experience - without encouraging bad debt.

As the buy now pay later leader in France and active in 10 European countries, we’ve empowered over 21,000 merchants and 8 million consumers. With 360+ Almakers and €100M+ ARR, Alma is scaling rapidly across Europe — and we’re just getting started.

Your mission

You will lead Alma’s Information Security and IT teams (6 FTEs supervised) and report to the General Secretary. You’ll define the strategy, steer execution, and foster a culture of security-by-design across the company, partnering closely with executives and cross‑functional leaders.

What you’ll do Proposal

Manage

  • Lead a 6‑person team across IT and Security; set objectives, coach, and develop talent;
  • Structure and prioritize work across roadmap, ensuring delivery and accountability;
  • Define the budgetary needs to carry out the defined missions.

Governance, Compliance, and Risk management

  • Ensure the company’s cyber steering and governance;
  • Identify cybersecurity issues and risks;
  • Define and maintain security policies, procedures, and guidelines. Ensure their implementation;
  • Manage relationships/interfaces with security stakeholders in banking regulation;
  • Build and run the information security program, ensuring alignment with key regulations and industry frameworks:
    • PSD2, DORA, EBA Guidelines, GDPR.
    • SOC 2, ISO 27001, PCI-DSS, and related standards.


Support the Business

  • Provide support for cross‑functional projects, RFI/RFPs;
  • Act as an advisor, providing assistance, information, training, and alerts to various functions/departments (HR, Procurement, Engineering, Sales...).

Protect

  • Define the organizational and technical measures to be implemented to achieve the defined security objectives. Monitor and measure their implementation;
  • Promote a cyber culture for users and management;
  • Provide support during assessments and audits carried out by internal and external stakeholders.

Detect and Respond

  • Lead threat detection activities across the different information systems;
  • Lead security incident response;
  • Ensure that the security crisis management framework is operational.

Ensure Business Continuity/Recovery

  • Evolve the Business Continuity Plan (BCP) and Disaster Recovery Plans (DRP);
  • Define and supervise DRP tests;
  • Ensure a cyber‑resilience strategy.

Awareness and Training

  • Develop and maintain a strong security awareness program with measurable impact;
  • Run regular internal (and when relevant, external) sessions to test and improve adherence to security policies and procedures.

What we’re looking for

  • Proven experience leading Information Security programs in a high‑growth, product/tech‑driven environment - ideally in the banking & payment sector
  • Experience managing combined IT & Security scopes is a plus;
  • Team leadership: coaching, hiring, and developing talent; fostering a culture of security-by-design and continuous improvement;
  • Excellent stakeholder management and communication skills; comfortable advising executives and collaborating across Engineering, Product, Data, Legal, and People;
  • Strong knowledge of SOC2, ISO27001; hands‑on track record implementing controls and passing audits;
  • Strong knowledge of cloud and systems architectures, databases, and applications.
  • Knowledge of security tools and technologies (XDR, EDR, Security Operation center management, vulnerability management, phishing platform, etc.)
  • Demonstrated capability in risk management, incident response, and threat‑informed decision‑making;
  • Practical experience with vulnerability management, BCP/DRP;
  • Fluency in English;

Hiring process

  • Intro call with Talent
  • Conversation with Hiring Manager (General Secretary)
  • Business Case (with the Infosec team)
  • Cross‑functional interviews (Legal, Internal Control, Compliance)
  • Final conversation with our co-founder

Additional Information

  • Contract Type: Full-Time
  • Location: Paris
  • Possible partial remote
Apply Now