Information Security Architect

Our ultra-modern, scaling, payments platform client is seeking an
Information Security Architect
to join their world-class Engineering team, located in
Cape Town
(hybrid). Due to their unique market positioning and backing by world-leading payment companies, VCs and fintech platforms alike, they are set for high growth and expansion in the coming years.

This individual will play a key role in managing the Information Security Management System (ISMS), risk management initiatives, and security certification programs. This role will help ensure the organisation's compliance with relevant standards, such as ISO 27001, PCI DSS, PCI PIN and PCI P2PE, assist in identifying and mitigating security risks, and maintain security best practices across all digital platforms. This role is pivotal in terms of fostering a culture of security awareness within the organisation.

Given the fact that this is a younger company, the environment is highly dynamic and fast-paced. Your working mentality must be one of adaptability, resilience and passion. This is a fantastic company to work for with truly vast amounts of personal and professional upside.

Responsibilities

• Guide and ensure compliance with card-based payment solutions and key management systems to protect transactions and CHD in accordance with PCI DSS and other security standards.
• Assist with the implementation and maintenance of the ISMS in accordance with ISO 27001 and other adopted security-related standards.
• Conduct risk assessments to identify vulnerabilities and ensure appropriate risk mitigation strategies are in place within the ISMS framework.
• Conduct information security due diligence on third-party vendors and provide recommendations to management.
• Complete vendor risk assessments submitted by clients and prospective clients.
• Assist with the development, updating, and enforcement of policies and procedures to sustain compliance with ISO 27001, PCI and other relevant information security standards and practices.
• Assist with the coordinate and manage of PCI, ISO 27001 and related audits, including internal and third-party assessments.
• Train and guide staff on information security practices and policies to foster a secure organisational culture.
• Monitor compliance with information security policies and procedures, reporting on performance against the standards to senior management.
• Create technical documentation and security guidelines for internal use to assist compliance with regulatory requirements.
• Stay abreast of new trends and changes in security regulations and standards to ensure continuous improvement of the ISMS.

Qualifications

• Bachelor's Degree in Computer Science, Engineering, Cybersecurity or other related field
• Relevant professional certifications (CISSP, CRISC, CISM, ISO 27001 Lead Auditor or Implementer, PCI ISA) are strongly preferred.
• A minimum of 6+ years experience in information security management and compliance, focusing on ISO 27001, PCI DSS, PCI PIN and PCI P2PE.
• In-depth knowledge of information security standards and frameworks, particularly 27001, 22301, 27701, SOC2, POPIA, PCI and GDPR.
• Proven track record of assisting in running with PCI DSS, PCI PIN and PCI P2PE and ISO 27001 audit programmes.
• Strong understanding of cryptographic protocols, key management, and secure payment solutions.
• Ability to perform risk assessments, identify potential threats, and propose effective solutions.
• Excellent analytical, problem-solving, and organisational skills.
• Strong interpersonal and communication skills with the ability to engage effectively with technical and non-technical stakeholders.
• Willingness to stay current on emerging threats, technologies, and regulatory updates related to the payment industry and overall information security.
• Based in Cape Town or willing to relocate.
• Valid driver's license required.

Benefits

• Equity in the business
• Generous leave/solid work-life balance
• Great remuneration package
• Remote working
• Plenty of perks
• Strong professional development
• An open, international and inclusive culture
• Advanced equipment/technology

--

This position is open to people already eligible for work in South Africa.

--

About us

We're a dedicated recruiter bringing together the brightest talent with organisations creating cutting-edge technology to change the world for the better.

We partner with technology providers at the forefront of meaningful innovation. And we're here for talented individuals who are passionate about using their skills to drive positive change.

Mind Detect provides exceptional recruitment services to businesses who are leading the way in Data, Machine Learning and AI-driven technologies throughout Europe, the US and Asia.