Chief Information Security Officer

**Company Description**
Born in France in 2006, Voyage Privé has grown from an ambitious startup into becoming the Europe's leading travel tech platform. Operating across 9 markets with tens of millions of users, we're not just another e-commerce success story - we're a tech powerhouse revolutionizing online travel.

As a mission-driven company, we're unique in combining cutting-edge technology with social impact. Our innovative campus brings together tech talent, professional athletes, students, and artists, creating an ecosystem where digital innovation drives both business growth and positive change.

We're now at an inflection point, upgrading our entire technical foundation with cloud architecture, AI, and real-time systems to become a reference and top-of-mind platform for luxury travel, known by travelers for its for excellent offer and customer experience, and by our providers as a high-performance business development partner.

**Why Join Us?**
- Work at the intersection of cutting-edge technology and a mission-driven company, transforming how millions experience travel.
- Be part of an entrepreneurial team of innovators that isn't just building technology: we value innovation, ownership, and collaboration, with an emphasis on empowering engineers to make a difference.
- Shape a fast-growing tech company as we embark on an ambitious plan to scale tenfold in the next decade.
- Fast-paced, innovative environment with a real impact on high-end travel experiences.
- A chance to lead security efforts at a strategic and operational level.
- Direct visibility with the CDO and ExCom, shaping the future of security in a dynamic industry.
- A collaborative, tech-driven culture that values security as a business enabler.
- Enjoy a workplace that invests in personal and professional development, offering learning programs, mentorship opportunities, and career growth pathways.

We are a large, renowned, fast-growing e-commerce company specializing in high-end online travel experiences. Security is a strategic priority to maintain the trust our customers have placed in us.

Our goal is to protect our assets, manage risk, ensure compliance with regulatory requirements (e.g., PCI-DSS v4, GDPR), and build customer trust, all while supporting innovation in our technology and operations, and a profound transformation of our systems to enable and power our ambitious growth objectives.

We are looking for a Chief Information Security Officer (CISO) who will define and execute a global security strategy, lead risk management efforts, and foster a strong security culture across the company. This role will be pivotal in securing our evolving infrastructure, enhancing governance, and demonstrating business impact through security initiatives.

**Key Responsibilities**

**1. Define, Drive, and Execute the Security Strategy & Roadmap**
- Develop and maintain a comprehensive security strategy that covers technical, organizational, and physical security aspects.
- Build and execute a structured security roadmap aligned with the company’s business and technical transformation.
- Identify, assess, and prioritize information security risks (technical, organizational, human) and define appropriate mitigation plans.
- Ensure compliance with industry regulations and standards (PCI-DSS v4, GDPR, and other relevant frameworks) in collaboration with legal and business teams.
- Regularly report security progress, risks, and achievements to the Chief Digital Officer (CDO) and the Executive Committee (ExCom) through Quarterly Business Reviews (QBRs).

**2. Proactive Risk Management, Automation & Business Impact**
- Implement risk-based security measures and establish a continuous improvement approach for security operations.
- Develop automated security dashboards to provide real-time visibility on security posture, including risks, incidents, and security initiatives.
- Demonstrate tangible business impact of security actions (e.g., revenue protection, reduced fraud, SLA adherence, strengthened partner trust).
- Establish Key Performance Indicators (KPIs) to measure security effectiveness and ensure alignment with business objectives.

**3. Technical, Physical, and Network Security**
- Oversee physical security measures (e.g., access controls, video surveillance, alarms) in coordination with infrastructure and facilities teams.
- Ensure the security of networks, cloud infrastructure, and hybrid environments (on-premises + cloud).
- Secure our API-driven, microservices-based architecture, working closely with DevOps and cloud teams.
- Drive Security by Design and Zero Trust principles in all technology initiatives.

**4. Leadership, Team Management & Cross-Team Collaboration**
- Collaborate with product, data, engineering, infrastructure and legal teams to integrate security across all business functions.
- Work alongside the Office IT Manager for security-related actions within Microsoft environments (Active Directory, Office 365, MFA, e