Information Security Architect

Mind Detect

Cape Town

Hybrid

ZAR 700 000 - 900 000

Full time

Today
Job summary

A payments technology firm based in Cape Town is seeking an experienced Information Security Architect. The role focuses on managing the Information Security Management System (ISMS) and ensuring compliance with relevant standards such as ISO and PCI. The ideal candidate has over 6 years of experience in information security management, excellent analytical skills, and professional certifications. This position offers equity, remote work options, and extensive benefits.

Benefits

Equity in the business
Generous leave / solid work-life balance
Great remuneration package
Plenty of perks
Strong professional development
Advanced equipment / technology

Qualifications

  • Minimum of 6+ years' experience in information security management and compliance.
  • In-depth knowledge of information security standards and frameworks.
  • Relevant professional certifications are strongly preferred.

Responsibilities

  • Guide compliance with card-based payment solutions.
  • Conduct risk assessments to identify vulnerabilities.
  • Train and guide staff on information security practices.

Skills

Risk assessments
Information security management
Compliance with ISO and PCI standards
Cryptographic protocols
Analytical skills
Interpersonal skills

Education

Bachelor's Degree in Computer Science or related field

Tools

ISO and PCI compliance tools

Job description

Our ultra-modern, scaling, payments platform client is seeking an Information Security Architect to join their world‑class Engineering team, located in Cape Town (hybrid).

Due to their unique market positioning and backing by world‑leading payment companies, VCs and fintech platforms alike, they are set for high growth and expansion in the coming years.

This individual will play a key role in managing the Information Security Management System (ISMS), risk management initiatives, and security certification programs.

This role will help ensure the organization’s compliance with relevant standards, such as ISO, PCI DSS, PCI PIN and PCI P2PE, assist in identifying and mitigating security risks, and maintain security best practices across all digital platforms.

This role is pivotal in fostering a culture of security awareness within the organization. Given that this is a younger company, the environment is highly dynamic and fast‑paced.

Your working mentality must be one of adaptability, resilience and passion.

This is a fantastic company to work for with truly vast amounts of personal and professional upside.

Responsibilities

  • Guide and ensure compliance with card‑based payment solutions and key management systems to protect transactions and CHD in accordance with PCI DSS and other standards.
  • Assist with the implementation and maintenance of the ISMS in accordance with ISO and other adopted security‑related standards.
  • Conduct risk assessments to identify vulnerabilities and ensure appropriate risk mitigation strategies are in place within the ISMS framework.
  • Conduct information security due diligence on third‑party vendors and provide recommendations to management, and complete vendor risk assessments submitted by clients and prospective clients.
  • Assist with the development, updating, and enforcement of policies and procedures to sustain compliance with ISO, PCI and other relevant information security standards and practices.
  • Coordinate and manage PCI, ISO and related audits, including internal and third‑party assessments.
  • Train and guide staff on information security practices and policies to foster a secure organizational culture.
  • Monitor compliance with information security policies and procedures, reporting on performance against the standards to senior management.
  • Create technical documentation and security guidelines for internal use to assist compliance with regulatory requirements.
  • Stay abreast of new trends and changes in security regulations and standards to ensure continuous improvement of the ISMS.

Qualifications

  • Bachelor's Degree in Computer Science, Engineering, Cybersecurity or other related field.
  • Relevant professional certifications (CISSP, CRISC, CISM, ISO Lead Auditor or Implementer, PCI ISA) are strongly preferred.
  • Minimum of 6+ years' experience in information security management and compliance, focusing on ISO, PCI DSS, PCI PIN and PCI P2PE.
  • In‑depth knowledge of information security standards and frameworks, particularly SOC2, POPIA, PCI and GDPR.
  • Proven track record of assisting in running PCI DSS, PCI PIN, PCI P2PE and ISO audit programmes.
  • Strong understanding of cryptographic protocols, key management, and secure payment solutions.
  • Ability to perform risk assessments, identify potential threats, and propose effective solutions.
  • Excellent analytical, problem‑solving, and organizational skills.
  • Strong interpersonal and communication skills with the ability to engage effectively with technical and non‑technical stakeholders.
  • Willingness to stay current on emerging threats, technologies, and regulatory updates related to the payment industry and overall information security.
  • Based in Cape Town or willing to relocate.
  • Valid driver's license required.

Benefits

  • Equity in the business.
  • Generous leave / solid work‑life balance.
  • Great remuneration package.
  • Remote working.
  • Plenty of perks.
  • Strong professional development.
  • An open, international and inclusive culture.
  • Advanced equipment / technology.

This position is open to people already eligible for work in South Africa.