CISO

Our client is a technology company solving payments problems for businesses. Their mission is to help businesses in Africa become profitable envied and loved. They provide a suite of products to help businesses accept payments online and offline manage their operations and grow their business. Our client is driven by a commitment to excellence innovation and customer satisfaction.

Role Overview

Our client is looking for a well-rounded leader who will be responsible for building the security program and improving our clients overall security posture. This area is very important to our client as it is a requirement for them to be better positioned to meet the needs of their customers and enables trust with the mission of safeguarding their customers assets and data against an evolving landscape of sophisticated global and local threats.

Job Type: Permanent

Location: London UK

Work Place: Hybrid

Requirements

• Experience with information security governance risk and compliance experience for a global organization
• Knowledge of technical infrastructure networks databases and systems in relation to IT Security and IT Risk
• A strategic business partner with the ability to articulate complex security concepts and risks in business terms to non-technical stakeholders including the executive team and the board
• Possesses the capacity to effectively lead manage and inspire a team enabling them to achieve both strategic and functional objectives
• Experience developing and publishing company-wide policies standards and other governance documents
• Ability to work very well cross-functionally and are able to think rigorously and make hard decisions and tradeoffs
• Ability to demonstrate initiative operate autonomously and assume complete responsibility for tasks
• In-depth knowledge of cybersecurity principles industry standards frameworks and best practices
• Ability to manage key customer relationships including with senior management across business units
• Proven experience scaling a security program in a high-growth fast-paced technology or fintech environment
• Excellent written and verbal communication skills

Responsibilities

Strategy and Compliance:

• Develop and implement a scalable information security strategy aligning with the companys business objectives.
• Ensure compliance with relevant laws regulations and industry standards including PCI DSS GDPR and local Nigerian data protection laws (e.g. NDPR).
• Ensure security architecture can adapt to and support the companys growth trajectory.
• Educate staff in the organization on the best IT practices and regulatory requirements.
• Work closely with other high-level executives to develop all-encompassing security strategies within the organizations context and goals.

Risk Management:

• Own and manage the end-to-end security risk management framework.
• Identify assess and prioritize security risks across the organization translating them into a clear risk posture for executive leadership and the board.
• Align security initiatives with the companys defined risk appetite.

Team Management:

• Recruit mentor and lead a high-performing multi-disciplinary security team.
• Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies

Threat Intelligence and Incident Response:

• Establish and mature a robust threat intelligence program to proactively identify analyze and mitigate emerging threats particularly those targeting the African fintech ecosystem.
• Design operationalize and regularly test our incident response business continuity and disaster recovery plans to ensure organizational resilience.

Security Architecture and Technology:

• Oversee the design of secure systems and review application and infrastructure security architectures ensuring scalability and adherence to security by design principles.
• Implement proactive security measures and controls to prevent security breaches and minimize potential impact including managing and implementing various security technologies and tools (e.g. SIEM IDS/IPS vulnerability scanners).
• Lead the cloud security strategy ensuring robust configuration monitoring and protection of our clients cloud infrastructure and services.

Financial Management and Justification:

• Develop business cases that support information security program investments.
• Obtain management support for information security program investments highlighted in the endorsed business cases.
• Manage the security budget and forecast costs.

Communication and Stakeholder Engagement:

• Disseminate the organizations information security goals and objectives to business units and senior management.
• Represent the organization in security-related matters with external parties and stakeholders.
• Manage key customer relationships including with senior management across business units.
• Influence cross-functional and cross-business units to accomplish strategic goals.

Training and Awareness:

• Design and implement security awareness training programs for all staff.

Metrics and KPIs:

• Develop and track relevant Key Performance Indicators (KPIs) such as incident response times compliance audit results and vulnerability management metrics.

Cross-functional Collaboration:

• Work closely with the Engineering team and other technical departments to ensure security is integrated into all development and operational processes.