Information Security Officer at PayFast

Information Security Compliance Officer

• We seek to appoint an Information Security Compliance Officer to join our fast-growing business in the online payments industry. You will bring an engineering approach to security compliance, governance and technical implementation. The Information Security Compliance Officer will continuously develop and improve the security posture and threat surfaces through scoping and shaping of the Information Security Program and maintain all aspects relating to Compliance programs such as PCI, PoPIA, GDPR. This position will be responsible for the policy, practice, development and operational security program.

Core Competencies:

• Skills in penetration testing, vulnerability assessments, risk analysis, and compliance testing
• Working knowledge with Cloud Alliance Control Matrix and OWASP top 10 and mitigation strategies.
• Ability to maintain confidentiality.
• Ability to stay organized amidst changing priorities and multiple simultaneous projects.
• Ability to problem solve by exercising proper judgement and timely decision-making skills.
• Demonstrated commitment to working as part of a diverse and inclusive community.
• The ability to successfully manage multiple priorities.
• Above average customer service skills as well as verbal and written communication skills.
• Must be able to communicate technical information (both written and verbally) to clients within technical and non-technical communities in a supportive and meaningful way.
• Must embrace learning and working with constantly changing technology.

People management:

• Effectively develop and maintain a competent, skilled team on an ongoing basis
• Inspiring, motivating, leading and managing the team to provide quality output and accountability
• Develop and maintain an open communication channel with team members, which supports staff to foster greater self-efficacy, accountability, collaboration and teamwork

Application Requirements:

• Bachelor’s degree in Computer Science, Management Information Systems, Information, Cybersecurity or related field.
• Certification such as CISSP, SSCP, GSEC or other information security related certification.
• Minimum of 5 years’ relevant experience is required, including 2+ years of managing a team.
• Experience in FinTech and Ecommerce is a plus.
• Demonstrated collaboration skills and the ability to work well as a member of a team, or independently.
• Working knowledge of Linux/Windows O/S, Active Directory, Group Policy, ACLs, SSL Certs, IDS/IPS, VPN, TCP/IP, DNS, Firewalls, identity, Syslog.
• Knowledge of information security standards (e.g. PCI, ISO 27001/2014, CIS, NIST, etc.) and data privacy and sovereignty regulations such as GDPR and PoPIA.
• Familiar with security auditing tools such as Nessus, Metasploit, Snort, GRC tools, OSSEC, etc.

Perks

• Home expense policy for internet connection for remote working
• Employees are eligible for a bonus after the financial year end, based on a combination of the employee's performance and the company's performance.