Responsibilities
- Contributing to establishing strategic information security objectives across Paystack.
- Contributing to the strategic direction for Security Governance, Risk Management, and Compliance that aligns with the overarching Security objectives of the company.
- Understanding the unique challenges of securing the Paystack platform across different markets and demographics.
- Identifying control gaps and testing the design of existing controls.
- Determining risk management controls and recommending improvements to company-wide controls.
- Ability to work effectively with a team to execute various security projects, evaluate controls, and plan around solutions.
- Ability to communicate effectively.
- Ability to own and manage portions of the security program and provide consistent status updates to Security Leadership regarding progress against objectives.
- Raise accountability by escalating issues in a timely manner and creating and maintaining detailed documentation.
- Stay up-to-date with trends in the information security community.
- Operate with a sense of ownership, urgency, and drive.
- Ability to distill controls across multiple regulatory requirements and frameworks for visibility into defence mechanisms, strengths, and gaps.
- Contribute to the development of our Internal vendor risk management program; this involves working with vendors and partners to ensure they have appropriate controls in place.
- Documenting exceptions to establish security policies, guidelines, and standards; ensuring exceptions are reviewed periodically.
- Collaborate on internal communications for information security messaging for the enterprise.
- Work with security leadership to develop a strategy for security training and awareness programs.
Requirements
- Experience with information security governance, risk, and compliance for a global organization (preferably with reliance on cloud computing).
- Experience developing and publishing company-wide policies, standards, and other governance documents.
- Experience in implementing industry standards frameworks/regulations such as Secure Controls Framework (SCF), ISO 27001, NIST Cybersecurity Frameworks, Business Continuity (as it aligns with ISO22301).
- Ability to manage and prioritize multiple tasks and projects, and assist/advise your team in establishing appropriate priorities.
- Ability to manage key customer relationships, including with senior management across business units.
- Ability to influence a cross-functional and cross-business unit team to accomplish goals.
- Excellent analytical skills and ability to learn quickly.
- Excellent written and verbal communication skills.
Benefits
- Competitive compensation package and benefits.
- Full medical coverage.
- Wellbeing stipend.
- Generous leave and sabbatical policies.
