About Triple Triple is building the intelligence platform for banking operations. We are the leading transaction enrichment engine, trusted by 60+ banks and fintechs across 30+ markets. We have raised $10M in funding, an experienced team, and a large network of investors behind our company. We're now solving one of the most painful problems in payments: dispute and chargeback management. Our AI agents automate the dispute workflows for card issuers, from intake and classification through evidence evaluation and scheme submission to Mastercard and Visa. We value getting things done. Role The Director of Information Security is a leadership position that will be accountable and responsible for Triple’s security across all functional areas. He/she will be responsible for the design, implementation and execution of Triple’s security program. The successful candidate will be in charge of planning and development of the security strategy and best practices to ensure that information and assets are adequately protected. This position requires a visionary leader with strong skills in IT security, risk and business sense. A key element of the role is to determine acceptable levels of risk for the organization and coordinate with the rest of the tech team the implementation.  The Director of Information Security will partner with Triple’s CTO to ensure that the security program components are aligned with Triple’s strategy. The Director of Information Security will report directly to the CTO, and will work closely with Triple’s infrastructure and engineering teams.

About Triple Triple is building the intelligence platform for banking operations. We are the leading transaction enrichment engine, trusted by 60+ banks and fintechs across 30+ markets. We have raised $10M in funding, an experienced team, and a large network of investors behind our company. We're now solving one of the most painful problems in payments: dispute and chargeback management. Our AI agents automate the dispute workflows for card issuers, from intake and classification through evidence evaluation and scheme submission to Mastercard and Visa. We value getting things done. Role The Director of Information Security is a leadership position that will be accountable and responsible for Triple’s security across all functional areas. He/she will be responsible for the design, implementation and execution of Triple’s security program. The successful candidate will be in charge of planning and development of the security strategy and best practices to ensure that information and assets are adequately protected. This position requires a visionary leader with strong skills in IT security, risk and business sense. A key element of the role is to determine acceptable levels of risk for the organization and coordinate with the rest of the tech team the implementation.  The Director of Information Security will partner with Triple’s CTO to ensure that the security program components are aligned with Triple’s strategy. The Director of Information Security will report directly to the CTO, and will work closely with Triple’s infrastructure and engineering teams.

• Lead Zero Trust maturity assessments from scoping and discovery through current-state analysis, maturity scoring, gap analysis, roadmap development, and executive readout. • Apply the CISA Zero Trust Maturity Model 2.0 (or comparable frameworks such as NIST SP 800-207, NIST CSF) to evaluate client posture across all five pillars and cross-cutting capabilities (Visibility and Analytics, Automation and Orchestration, Governance). • Facilitate structured workshops and interviews with client stakeholders spanning identity, device, network, cloud/application, data security, and security operations functions. • Synthesize complex, multi-domain findings into clear maturity scores, gap narratives, and prioritized initiative backlogs with sequencing logic, dependencies, and risk/impact context. • Produce executive-ready deliverables: assessment reports, roadmaps, strategy presentations, and decision documentation that hold up to board-level scrutiny. • Solution and architect engagements that require depth across multiple cybersecurity disciplines, not just one pillar in isolation. • Bring practical, implementable perspectives to Zero Trust strategy, connecting conceptual frameworks to real technology decisions (e.g., ZTNA/SASE, identity consolidation, micro-segmentation, data classification and protection, endpoint posture, SIEM/SOAR integration). • Coordinate AHEAD specialist SMEs from Identity, Network Security, Cloud, Data, Cyber Resilience, and other practices to staff and deliver complex engagements that require the breadth of AHEAD's capabilities. • Translate assessment findings into follow-on implementation opportunities and ensure continuity between advisory and delivery phases. • Provide technical architecture and standards support for AI Security Governance engagements in partnership with AHEAD's GRC team, bridging the gap between governance policy and implementable security controls for AI systems (e.g., model access controls, data pipeline protections, AI supply chain risk, monitoring and observability for AI workloads). • Directly manage and mentor a team of Associate and Senior Associate Technical Consultants within the Secure Architecture practice area. • Set quality standards for deliverables, methodologies, and client engagement approaches. • Act as the primary technical resource supporting Zero Trust and cross-pillar security sales pursuits, from initial discovery through proposal delivery and client presentations. • Own and continuously improve AHEAD's Zero Trust assessment methodology, service offerings, templates, and tooling.

• Own and drive the end-to-end security posture of all web, API, and infrastructure surfaces • Identify, assess, and remediate vulnerabilities across frontend (web + Electron), backend services, and cloud infrastructure • Design and enforce security controls at the Cloudflare edge — WAF policies, bot mitigation rules, Turnstile integrations, and rate limiting strategies • Harden AWS environments: API Gateway, EC2, Lambda, S3, RDS, and supporting services in line with least-privilege and zero-trust principles • Lead threat modelling sessions for new product features and flag security gaps before they reach production • Monitor, investigate, and respond to security incidents — from Cloudflare firewall events and WAF alerts to SIEM-detected anomalies • Conduct regular penetration testing and vulnerability assessments; triage and prioritise findings by business impact • Define and enforce HTTP security header policies (CSP, HSTS, X-Frame-Options, Referrer-Policy) across all domains • Build and maintain a DDoS response playbook; lead active mitigation during volumetric and application-layer attacks • Partner with engineering teams to embed secure coding practices and participate in code reviews for security-sensitive changes • Manage the responsible disclosure and bug bounty programme; triage external researcher reports • Produce clear security reports, risk registers, and executive briefings; track remediation SLAs • Stay current on emerging attack vectors, CVEs, and threat landscape changes relevant to online gaming and fintech platforms