datatrota

Head, Information Security at Multigate Payments Limited

Multigate Payments Limited
Lagos, Nigeria
Networking and Tech Support
Full Time
Multigate is a financial technology company focused on providing solutions that cut across payments acquisition, processing, and remittance as well as treasury and cash management for domestic and international corporates.

Duties/Responsibilities

Information Security Program Management:

  • Develop, implement, and maintain the organization's information security management system (ISMS) in line with ISO 27001 standards.
  • Establish and oversee information security policies, procedures, and controls to protect organizational assets.

Business Continuity Management:

  • Design, implement, and manage the organization’s Business Continuity Management System (BCMS) in accordance with ISO 22301.
  • Conduct business impact analyses (BIA) and risk assessments to identify critical business functions and develop appropriate recovery strategies.

PCI DSS Compliance:

  • Ensure compliance with PCI DSS requirements for handling payment card data securely.
  • Oversee annual assessments, vulnerability scans, and remediation plans related to PCI DSS compliance.

SWIFT Security Compliance:

  • Implement and manage compliance with the SWIFT Security Controls Framework (SCF) and the Payment Services Provider (PSP) guidelines.
  • Ensure the organization meets all mandatory and advisory SWIFT security controls.
  • Oversee SWIFT-related security assessments, attestations, and remediation plans to address identified vulnerabilities.

Application and Technology Product Security:

  • Work with development teams to integrate security throughout the software development lifecycle (SDLC).
  • Conduct regular security reviews, penetration testing, and vulnerability assessments of applications and technology products.
  • Ensure secure coding practices and compliance with relevant standards for application security (e.g., OWASP Top 10).

Cloud Security Management:

  • Design and enforce cloud security best practices, with a focus on Microsoft Azure.
  • Implement security measures to protect data and applications hosted in the cloud.
  • Conduct regular assessments of cloud infrastructure to ensure compliance with organizational and regulatory standards.

Network Security and Integrations:

  • Oversee and secure network integrations with third parties, ensuring data confidentiality, integrity, and availability.
  • Implement robust network monitoring and access control measures to mitigate risks associated with third-party connections.

Endpoint Security:

  • Develop and manage endpoint security strategies to protect devices against malware, unauthorized access, and data breaches.
  • Monitor and enforce compliance with endpoint security policies across all devices.

Data Privacy and Regulatory Compliance:

  • Ensure compliance with global data privacy regulations, including GDPR, NDPA, and other relevant standards.
  • Implement data protection strategies to secure sensitive and personal information.
  • Collaborate with legal and compliance teams to address regulatory requirements and audits.

Incident Response:

  • Develop and manage incident response plans to address security breaches, cyber threats, and disruptions.
  • Coordinate with internal and external stakeholders during incident response and recovery activities.

Audits and Certification:

  • Plan and coordinate internal and external audits for ISO 27001, ISO 22301, PCI DSS, SWIFT PSP, and other relevant compliance frameworks.
  • Address non-conformities and ensure successful completion of certification processes.

Training and Awareness:

  • Conduct security awareness and business continuity training for employees.
  • Promote a culture of security and resilience across the organization.

Collaboration and Reporting:

  • Collaborate with all departments to align security initiatives with organizational goals.
  • Provide regular reports on security and continuity status, compliance, and risks to senior management.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
  • Minimum of 5 years of experience in information security management, including the implementation of ISO 27001, ISO 22301, PCI DSS, and SWIFT CSP.
  • Proven expertise in cloud security, with a strong focus on Microsoft Azure.
  • Hands-on experience with network security and third-party integrations.
  • In-depth knowledge of endpoint security solutions and practices.
  • Strong understanding of data privacy regulations, such as GDPR and NDPA.
  • Professional certifications such as CISM, CISSP, Microsoft Certified: Azure Security Engineer Associate, AWS Certified Security Specialty, CRISC, or equivalent.
  • Excellent communication, problem-solving, and project management skills.

Preferred Skills

  • Experience with security tools such as SIEM, vulnerability scanners, and endpoint protection.
  • Familiarity with SaaS environments and related security challenges.
  • Knowledge of additional regulatory frameworks and compliance standards.
