Job Description

About Paystack

------------------


Paystack's mission is to help merchants in Africa get paid by anyone, anywhere in the world. Tens of thousands of notable corporations and businesses in Africa use Paystack's modern payments infrastructure, including MTN, Bolt, Domino's Pizza, Smile Communications, AXA Mansard Insurance, and many others.


Within over 9 years, our close-knit team has introduced a steady cadence of innovations within the African Payment space, such as automated recurring payments, the ability for customers to pay with only a bank account, automated chargebacks, and much more. We process well over $300 million in transactions monthly, and our double-digit growth has us processing even more every month.


We've pioneered a new era of simple, powerful technology tools for businesses in Africa, and as we prepare for a period of accelerated growth, we're looking to you to help build a solid foundation upon which we can support some of the continent's best-performing businesses.


At Paystack, we believe that we will win by recruiting talented people and giving them the space, resources, and support to do the best work of their lives. We hire the most capable people, treat them with genuine respect, and give them the means to succeed. And we'd love your help!

About the Role

------------------


As a leader of the Information Security function at Paystack, you will contribute to the business by presenting your technical expertise with a balanced approach to communication and a bias for action. You will be required to work with our leadership teams at all levels of the company to drive solutions that impact our platform for the good of Paystack and ultimately, our customers and stakeholders. You will leverage your experience across various tools and processes to establish policies and standards across the company.

What you'll do

------------------


Paystack is looking for a well-rounded leader who will be responsible for building the security program and improving Paystack's overall security posture. This area is very important to Paystack as it is a requirement for us to be better positioned to meet the needs of our customers and enable trust with the mission of safeguarding our customers' assets and data against an evolving landscape of sophisticated global and local threats.

Job Responsibilities

------------------------


As a security leader at Paystack, your responsibilities will include:

Strategy and Compliance:

+ Develop and implement a scalable information security strategy aligning with the company's business objectives.
+ Ensure compliance with relevant laws, regulations, and industry standards, including PCI DSS, GDPR, and local Nigerian data protection laws (e.g., NDPR).
+ Ensure security architecture can adapt to and support the company's growth trajectory.
+ Educate staff in the organization on the best IT practices and regulatory requirements.
+ Work closely with other high-level executives to develop all-encompassing security strategies within the organization's context and goals.

Risk Management:

+ Own and manage the end-to-end security risk management framework. Identify, assess, and prioritize security risks across the organization, translating them into a clear risk posture for executive leadership and the board. Align security initiatives with the company's defined risk appetite.

Team Management:

+ Recruit, mentor, and lead a high-performing, multi-disciplinary security team. Foster a culture of continuous learning and development to stay ahead of emerging threats and technologies

Threat Intelligence and Incident Response:

+ Establish and mature a robust threat intelligence program to proactively identify, analyze, and mitigate emerging threats, particularly those targeting the African fintech ecosystem.
+ Design, operationalize, and regularly test our incident response, business continuity, and disaster recovery plans to ensure organizational resilience.

Security Architecture and Technology:

+ Oversee the design of secure systems and review application and infrastructure security architectures, ensuring scalability and adherence to security by design principles.
+ Implement proactive security measures and controls to prevent security breaches and minimize potential impact, including managing and implementing various security technologies and tools (e.g., SIEM, IDS/IPS, vulnerability scanners).
+ Lead the cloud security strategy, ensuring robust configuration, monitoring, and protection of our cloud infrastructure and services.

Financial Management and Justification:

+ Develop business cases that support information security program investments.
+ Obtain management support for information security program investments highlighted in the endorsed business cases.
+ Manage the security budget and forecast costs.

Communication and Stakeholder Engagement:

+ Disseminate the organization's information security goals and objectives to business units and senior management.
+ Represent the organization in security-related matters with external parties and stakeholders.
+ Manage key customer relationships, including with senior management across business units.
+ Influence cross-functional and cross-business units to accomplish strategic goals.

Training and Awareness:

+ Design and implement security awareness training programs for all staff.

Metrics and KPIs:

+ Develop and track relevant Key Performance Indicators (KPIs) such as incident response times, compliance audit results, and vulnerability management metrics.

Cross-functional Collaboration:

+ Work closely with the Engineering team and other technical departments to ensure security is integrated into all development and operational processes.

Who You Are

---------------


A few things we expect you should have to be able to meet the demands of the role include:

Experience with information security governance, risk, and compliance for a global organization Knowledge of technical infrastructure, networks, databases, and systems in relation to IT Security and IT Risk A strategic business partner with the ability to articulate complex security concepts and risks in business terms to non-technical stakeholders, including the executive team and the board Possesses the capacity to effectively lead, manage, and inspire a team, enabling them to achieve both strategic and functional objectives Experience developing and publishing company-wide policies, standards, and other governance documents Ability to work very well cross-functionally and are able to think rigorously and make hard decisions and tradeoffs Ability to demonstrate initiative, operate autonomously, and assume complete responsibility for tasks In-depth knowledge of cybersecurity principles, industry standards, frameworks, and best practices Ability to manage key customer relationships, including with senior management across business units Proven experience scaling a security program in a high-growth, fast-paced technology or fintech environment Excellent written and verbal communication skills

Benefits

------------

Competitive compensation package and benefits Stripe Equity compensation Full medical coverage Wellbeing stipend Generous leave and sabbatical policies Hybrid working environment Smart, kind colleagues who're invested in your growth.

Paystack is an equal opportunity employer and prohibits discrimination and harassment of any kind. We're committed to providing employees with a work environment that is progressive and open-minded.

Our employment philosophy is to hire the best people and empower them to do the best work of their lives. Employment decisions are based on business needs and individual merit without regard to race, color, religion, ethnicity, sexual orientation, nationality, marital status, gender, or age.