Information Security and Compliance Analyst New Cape Town SA

Information Security and Compliance Analyst

Cape Town SA About Stitch Stitch is a payments infrastructure company on a mission to make it easier for enterprise businesses to connect to the financial system and build better experiences for their customers. We are expanding the team to enable Stitch to broaden our product offering and extend our geographical footprint. Key Responsibilities

1. Guide and ensure compliance with card-based payment solutions and key management systems to protect transactions and CHD in accordance with PCI DSS and other security standards.
2. Assist with the implementation and maintenance of the ISMS in accordance with ISO 27001 and other adopted security-related standards.
3. Conduct risk assessments to identify vulnerabilities and ensure appropriate risk mitigation strategies are in place within the ISMS framework.
4. Conduct information security due diligence on third-party vendors and provide recommendations to management.
5. Complete vendor risk assessments submitted by clients and prospective clients.
6. Assist with the development, updating, and enforcement of policies and procedures to sustain compliance with ISO 27001, PCI and other relevant information security standards and practices.
7. Assist with the coordinate and manage of PCI, ISO 27001 and related audits, including internal and third-party assessments.
8. Train and guide staff on information security practices and policies to foster a secure organisational culture.
9. Monitor compliance with information security policies and procedures, reporting on performance against the standards to senior management.
10. Create technical documentation and security guidelines for internal use to assist compliance with regulatory requirements.
11. Stay abreast of new trends and changes in security regulations and standards to ensure continuous improvement of the ISMS.

Requirements

1. Bachelor’s degree in Information Technology, Cybersecurity, or related field.
2. Relevant professional certifications (CISSP, CRISC, CISM, ISO 27001 Lead Auditor or Implementer, PCI ISA) are strongly preferred.
3. A minimum of 3 years experience in information security management and compliance, focusing on ISO 27001, PCI DSS, PCI PIN and PCI P2PE.
4. In-depth knowledge of information security standards and frameworks, particularly 27001, 22301, 27701, SOC2, POPIA, PCI and GDPR.
5. Proven track record of assisting in running with PCI DSS, PCI PIN and PCI P2PE and ISO 27001 audit programmes.
6. Strong understanding of cryptographic protocols, key management, and secure payment solutions.
7. Ability to perform risk assessments, identify potential threats, and propose effective solutions.
8. Excellent analytical, problem-solving, and organisational skills.
9. Strong interpersonal and communication skills with the ability to engage effectively with technical and non-technical stakeholders.
10. Willingness to stay current on emerging threats, technologies, and regulatory updates related to the payment industry and overall information security.
11. Based in Cape Town or willing to relocate.
12. Valid driver’s license required.

We recognise and value the importance of enabling remote work and maintaining a globally distributed workforce. We cater to equitable employee experiences for both in-office and remote team members. We remain conscientious about ensuring a level playing field, especially around team events, business meeting practices, and office-driven benefits. We believe in the power of ownership. That's why every full-time team member becomes a part-owner of Stitch. Our employee stock ownership plan ensures that when the company thrives, you do too. Taking time off from work is critical to ensure that you can take necessary breaks and have time for important life events outside of work. It also helps you manage your energy better. In line with this, we provide a generous annual leave policy, along with supportive family responsibility, parental, study, and long-tenure sabbatical leave options, designed to accommodate the diverse needs of our team. We are committed to the professional growth of our team. Each year, we allocate $3,000 per full time team member for learning and development, supporting a culture of continuous improvement and skill enhancement. Recognising the importance of health and well-being, we contribute to health insurance for all team members and provide group health insurance schemes in certain jurisdictions. To ensure our team has the tools they need, new members receive a brand-new Mac laptop along with the necessary peripheral equipment upon joining Stitch.

Employee Assistance Programmes

We care about the well-being of our team. Our Employee Assistance Programmes provide you with the necessary resources and support to not only excel in your job but also to thrive in your personal life. Whether it's counselling, advice, or support services, we're here to help every step of the way.

Other notable benefits and perks

Celebrations for important life and work milestones Daily team lunches in the Cape Town office Bi-annual work retreats New starter dinners Frequent team and company events #J-18808-Ljbffr