Chief Information Security Officer (CISO)

We are looking for a hands-on CISO to build a practical, evidence-driven security program that protects our platform, customer data, and digital assets - and keeps us audit- and regulator-ready.

This is a senior individual contributor role (no people management) and reports directly to the CEO, working closely with the CTO and key stakeholders across the business.

What you will do

• Build and deliver a 12-18 month security roadmap
• Maintain a clear risk register and drive actions to closure
• Lead audits and security assessments (evidence, remediation, retesting - PASSI approach when applicable)
• Act as the security point of contact with auditors and regulators, and implement recommendations
• Run security operations through vendors (SOC/MDR, scanning, pentesting) and enforce quality (SLAs, escalation)
• Own incident response end-to-end (playbooks, coordination, post-mortems)
• Partner with the CTO to secure critical areas: access, secrets, logging, API/integrations, and crypto key controls
• Set minimum security requirements for critical vendors and contribute to continuity/recovery testing
• Contribute to DORA readiness (operational resilience, incident preparedness, critical vendor oversight, recovery testing).

• Paris/France-based (remote possible), fluent French (mandatory), strong English
• Strong track record in security within a regulated environment (finance/fintech/crypto)
• Exposure to DORA (or similar operational resilience programs) is a plus.
• Comfortable owning both security governance and hands-on execution in a small structure
• Clear communicator who can translate technical risk into practical decisions for leadership

Motivation, fit, prerequisites.

CTO interview 1h

Engineering partnership, product security, pragmatism.

Live Case Study (1h)

Practical exercise.

COO interview 1h

Risk, audits/regulators, DORA and resilience evidence.

CEO interview 1h

Leadership communication, trade-offs, crisis readiness.

At Aplo, you won't just do a job - you'll own outcomes, grow every day, and work with a team that wins together. Aplo is the only EU-registered crypto prime broker for institutional investors offering transparent, conflict-free, self-service execution with fast asset listing across hundreds of coins. In October 2025, Aplo was acquired by Coincheck N.V. (Nasdaq CNCK), a publicly listed company. We combine the agility of a startup with the rigor of a regulated financial institution, giving institutional clients access to crypto markets with the reliability of traditional finance.