Information Security Specialist at PalmPay

At PalmPay, we want to provide a financial ecosystem that is open to as many people as possible, and that’s why the only requirement to access financial services from us is that you have a smartphone. We have exclusively partnered with TECNO Mobile, Africa’s leading mobile phone brand with over 50% market share on the continent. The PalmPay app will come pre-installed on over 20 million devices in 2020.

• As an Information Security Specialist, you will play a critical role in ensuring the security and integrity of our systems and data in the rapidly evolving landscape of financial technology.
• You will collaborate with cross-functional teams to implement and maintain robust security measures, safeguarding our infrastructure, applications, and customer information from cyber threats and vulnerabilities.
• This role requires a deep understanding of information security principles, industry best practices, and regulatory requirements specific to the fintech sector.

Responsibilities:

• Develop, implement, and maintain information security policies, procedures, and controls in accordance with industry standards and regulatory requirements (e.g., PCI DSS, GDPR, etc.).
• Conduct regular risk assessments and security audits to identify vulnerabilities, assess the effectiveness of existing controls, and recommend remediation actions.
• Design and implement security measures to protect sensitive data, including encryption, access controls, and authentication mechanisms.
• Monitor and analyze security events and incidents, investigate security breaches, and respond to security alerts in a timely manner.
• Collaborate with IT and software development teams to integrate security best practices into the development lifecycle and ensure secure coding standards are followed.
• Provide guidance and support to internal stakeholders on security-related matters, including security awareness training and incident response procedures.
• Stay informed about emerging threats, vulnerabilities, and security technologies, and make recommendations for continuous improvement.
• Participate in regulatory compliance efforts, including conducting audits and responding to inquiries from regulatory authorities.
• Stay up-to-date with industry trends and advancements in information security, and proactively identify opportunities to enhance our security posture.

Qualifications:

• Bachelor's degree in computer science, information security, or a related field and relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Proven experience working in information security roles, preferably in the fintech industry or financial services sector.
• In-depth knowledge of security frameworks, standards, and regulations (e.g., NIST, ISO/IEC 27001) and their application in a fintech environment.
• Hands-on experience with security technologies and tools, such as SIEM, IDS/IPS, DLP, WAF, and vulnerability management systems.
• Strong understanding of network security principles, including firewalls, VPNs, and secure protocols (e.g., SSL/TLS).
• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop practical solutions.
• Effective communication skills, with the ability to articulate technical concepts to non-technical audiences and collaborate effectively with cross-functional teams.
• Strong attention to detail and a commitment to maintaining the highest standards of security and compliance.

Method of Application