Required

• Experience with information security governance, risk and compliance experience for a global organization (preferably with reliance on cloud computing)
  
• Experience developing and publishing company-wide policies, standards, and other governance documents
  
• Experience in implementing industry standards frameworks/regulations such as Secure Controls Framework (SCF), ISO 27001, NIST Cybersecurity Frameworks, Business Continuity (as it aligns with ISO22301)
  
• Ability to manage and prioritize multiple tasks and projects and assist/advise your team in establishing appropriate priorities
  
• Ability to manage key customer relationships, including with senior management across business units
  
• Ability to influence a cross-functional and cross-business unit team to accomplish goals
  
• Excellent analytical skills and ability to learn quickly
  
• Excellent written and verbal communication skills
  

• Contributing to establishing strategic information security objectives across Paystack.
  
• Contributing to the strategic direction for Security Governance, Risk Management, and Compliance that align with overarching Security objectives of the company
  
• Understanding the unique challenges of securing the Paystack platform across different markets and demographics
  
• Identifying control gaps and testing the design of existing controls
  
• Determining risk management controls and recommending improvements to company-wide controls
  
• Ability to work effectively with a team to execute various security projects, evaluate controls and plan around solutions
  
• Ability to communicate effectively
  
• Ability to own and manage portions of the security program and provide consistent status updates to Security Leadership regarding progress against objectives
  
• Raise accountability by escalating issues in a timely manner and creating and maintaining detailed documentation
  
• Stay up-to-date with trends in the information security community
  
• Operate with a sense of ownership, urgency, and drive
  
• Ability to distill controls across multiple regulatory requirements and frameworks for visibility into defence mechanism, strengths and gaps
  
• Contribute to the development of our Internal vendor risk management program; this involves working with vendors and partners to ensure they have appropriate controls in place
  
• Documenting exceptions to establish security policies, guidelines and standards; ensuring exceptions are reviewed periodically