Chief Information Security Officer (CISO) at Arca Payments Limited

Job Summary

The CISO will be responsible for the overall security of ARCA Payments’ information systems. This role will develop, implement, and manage a comprehensive information security program to protect ARCA Payments' information assets against unauthorized access, modification, or loss. The CISO will work closely with executive management, Product, Technology, Legal, Risk and Compliance, and other departments to establish and enforce security policies, standards, and procedures.

Job Details

• Responsible for the day-to-day cybersecurity activities and mitigating cybersecurity risks in ARCA Payments.
• Develop and implement a strategic, long-term information security strategy and roadmap to protect ARCA Payments’ information assets.
• Update, implement, and maintain information security policies, procedures, and standards to comply with regulatory requirements and best practices.
• Identify, assess, and prioritize security risks and work with business units to implement risk mitigation strategies.
• Design and oversee the implementation of secure infrastructure, including network security, data protection, and application security.
• Lead the response to information security incidents, including investigation, containment, and remediation.
• Ensure compliance with relevant laws, regulations, and standards such as NDPA, PCI-DSS, ISO 27001, ISO 27017, ISO 27032, ISO 22301, and CBN Cybersecurity Framework.
• Develop and conduct security awareness training programs to educate employees about information security threats and best practices.
• Assess and manage the security of third-party vendors and service providers.
• Manage the Information Security budget and communicate this with the appropriate parties
• Protect the intellectual property of the company.
• Update and maintain business continuity plans to ensure service is continuously delivered in the event of a disaster or security breach.
• Provide regular updates and reports to the executive team and board of directors on the status of information security initiatives and compliance.
• Conduct a continuous assessment of current security practices and systems and identify areas of improvement.

Requirements

• Degree in Computer Science, Engineering, Information Technology, or a related field. 
• Minimum of 10 years of experience in information security, with at least 4 years in a senior leadership role.
• Relevant certifications such as CISSP, CISM, CISA, or equivalent.
• Strong understanding of current IT security technologies and methodologies, including cloud security, network security, application security, SIEM, intrusion detection/prevention systems, VPNs, and endpoint protection.
• Proven ability to lead and manage a team of information security professionals.
• Excellent written and verbal communication skills, with the ability to effectively communicate complex security issues to non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to think strategically and tactically.
• In-depth knowledge of relevant regulatory requirements and standards.