Information Security GRC Officer

About Paystack

Paystack’s mission is to help merchants in Africa get paid by anyone, anywhere in the world. Tens of thousands of notable corporations and businesses in Africa use Paystack’s modern payments infrastructure, including MTN, Bolt, Domino’s Pizza, Smile Communications, AXA Mansard Insurance, and many others.

Within over 9 years, our close-knit team has introduced a steady cadence of innovations within the African Payment space, such as automated recurring payments, the ability for customers to pay with only a bank account, automated chargebacks, and much more. We process well over $300 million in transactions monthly, and our double-digit growth has us processing even more every month.

We’ve pioneered a new era of simple, powerful technology tools for businesses in Africa, and as we prepare for a period of accelerated growth, we’re looking to you to help build a solid foundation upon which we can support some of the continent’s best-performing businesses.

At Paystack, we believe that we will win by recruiting talented people and giving them the space, resources, and support to do the best work of their lives. We hire the most capable people, treat them with genuine respect, and give them the means to succeed. And we’d love your help!

As a leader of the Information Security function at Paystack, you will contribute to the business by presenting your technical expertise with a balanced approach to communication and a bias for action. You will be required to work with our leadership teams at all levels of the company to drive solutions that impact our platform for the good of Paystack and ultimately, our customers and stakeholders. You will leverage your experience across various tools and processes to establish policies and standards across the company.

What you’ll do

As a member of the security team, you will contribute to the Security Organization by presenting your technical expertise with a balanced approach to communication and a bias for action. You will be required to work with a team of information security professionals, other teams within Paystack, and Paystack's customers to map out and effect change across Paystack’s information security landscape. You will leverage your experience across various tools and processes to establish policies and standards across the company.

Job Responsibilities

The responsibilities of a security analyst (GRC) at Paystack include:

• Contributing to establishing strategic information security objectives across Paystack.

• Contributing to the strategic direction for Security Governance, Risk Management, and Compliance that aligns with the overarching Security objectives of the company

• Understanding the unique challenges of securing the Paystack platform across different markets and demographics

• Identifying control gaps and testing the design of existing controls

• Determining risk management controls and recommending improvements to company-wide controls

• Ability to work effectively with a team to execute various security projects, evaluate controls, and plan around solutions

• Ability to communicate effectively

• Ability to own and manage portions of the security program and provide consistent status updates to Security Leadership regarding progress against objectives

• Raise accountability by escalating issues in a timely manner and creating and maintaining detailed documentation

• Stay up-to-date with trends in the information security community

• Operate with a sense of ownership, urgency, and drive

• Ability to distill controls across multiple regulatory requirements and frameworks for visibility into defence mechanisms, strengths, and gaps

• Contribute to the development of our Internal vendor risk management program; this involves working with vendors and partners to ensure they have appropriate controls in place

• Documenting exceptions to establish security policies, guidelines, and standards; ensuring exceptions are reviewed periodically

• Collaborate on internal communications for information security messaging for the enterprise.

• Work with security leadership to develop a strategy for security training and awareness programs.

Who You Are

A few things we expect you should have to be able to meet the demands of the role include:

• Experience with information security governance, risk, and compliance for a global organization (preferably with reliance on cloud computing)

• Experience developing and publishing company-wide policies, standards, and other governance documents

• Experience in implementing industry standards frameworks/regulations such as Secure Controls Framework (SCF), ISO 27001, NIST Cybersecurity Frameworks, Business Continuity (as it aligns with ISO22301)

• Ability to manage and prioritize multiple tasks and projects, and assist/advise your team in establishing appropriate priorities

• Ability to manage key customer relationships, including with senior management across business units

• Ability to influence a cross-functional and cross-business unit team to accomplish goals

• Excellent analytical skills and ability to learn quickly

• Excellent written and verbal communication skills

Benefits

• Competitive compensation package and benefits

• Full medical coverage

• Wellbeing stipend

• Generous leave and sabbatical policies

• Hybrid working environment

• Smart, kind colleagues who’re invested in your growth.

Paystack is an equal opportunity employer and prohibits discrimination and harassment of any kind. We’re committed to providing employees with a work environment that is progressive and open-minded.

Our employment philosophy is to hire the best people and empower them to do the best work of their lives. Employment decisions are based on business needs and individual merit without regard to race, color, religion, ethnicity, sexual orientation, nationality, marital status, gender, or age.