# Chief Information Security Officer

**Company:** [Electrum Software](http://jobs.workable.com/companies/64KVK1QgtG2C8ecmYTx1ns.md)
**Location:** Cape Town, South Africa
**Workplace:** on site
**Employment type:** Full-time
**Department:** Platform Engineering

[Apply for this job](http://jobs.workable.com/view/df4ea92c-8137-4acd-aed0-4a38af46100b)

## Description

**Electrum is a next-generation payment software technology company.**

Since 2012, we've delivered trusted, enterprise-grade, cloud-native software to optimise financial transaction processing. Our deep expertise has established us as a respected partner in high-volume, low-value payment schemes, enabling clients to deliver services to millions of South Africans daily.

At Electrum, we are **grounded in impact** – designing solutions that matter, acting with urgency, and continuously learning as we scale. We believe in **creating together** – working side by side with our clients and teams to build meaningful, lasting solutions. We prioritise **making it safe** – encouraging open communication, smart risk-taking, and trust so that creativity and alignment thrive. And we back **empowered strong teams** – hiring brilliant people, collaborating hard, and holding each other to high standards while leading with empathy and kindness.

**When you join the Electrum team, you’ll get to:**

-   **Be part of the entire journey** — from the spark of an idea to the final product launch.
-   Grow your skills through **world-class training and hands-on learning** every day.
-   Receive **mentorship and guidance from industry leaders** who are invested in your success.
-   Work in a **dynamic, innovative workplace** where collaboration and creativity thrive.
-   **Tackle real-world customer challenges** and see the impact of your work firsthand.
-   Explore **plenty of opportunities to grow your career** and expand your expertise.
-   Gain **valuable experience in a leading FinTech environment**, contributing to meaningful, high-impact projects.

### The Opportunity

This pivotal, high-impact role at Electrum reports to the CTO. The CISO is the guardian of trust, owning and executing the enterprise-wide security strategy. You will translate cyber risk into business value, ensure secure scaling, and protect enterprise value. The role offers full autonomy to lead the security team, shape the vision for secure financial services, and gain critical cloud-native (AWS) FinTech experience, accelerating career growth.

### The Role

The CISO is accountable for defining and executing the enterprise-wide information security strategy and roadmap, protecting client data, payment platforms, cloud infrastructure, and internal systems. The role safeguards the confidentiality, integrity, and availability of Electrum’s software solutions. The CISO leads Cybersecurity and Compliance, ensuring regulatory alignment, risk governance, and security assurance. The CISO maintains independent security risk oversight and provides the EXCO and Board with executive visibility of cyber risk posture. While the CTO focuses on technology enablement and growth, the CISO prioritizes risk governance, control integrity, and enterprise value protection.

### Responsibilities

**Security Strategy & Governance**

Establish, align, and uphold the enterprise security strategy with business goals and growth. Develop and enforce policies, standards, and frameworks to ensure mandatory compliance (e.g., ISO 27001, SOC 2, data protection). Maintain executive visibility of risks and mitigation. Shift security awareness from compliance to a core priority. Manage the annual security budget based on the strategic roadmap and risk tolerance.

**Platform Security**

Mandate secure architectural design for all platforms and APIs. Integrate secure SDLC into Engineering and DevOps. Ensure platform resilience via regular penetration testing and proactive threat modelling to minimize vulnerabilities.

**Risk Management & Compliance**

Lead enterprise-wide risk assessments and maintain a risk register. Oversee security risk for third-party vendors. Ensure continuous audit readiness and successful external audits. Maintain and regularly update incident response and data breach protocols. Track and ensure timely remediation of critical vulnerabilities per SLAs.

**Security Operations & Incident Management**

Oversee Security Operations, monitoring, and threat detection. Mandate annual testing of incident response plans. Lead post-incident reviews and implement corrective actions. Guarantee security integration with business continuity and disaster recovery. Provide clear, timely executive reporting during active incidents. Develop and manage a proactive Insider Threat Program (monitoring, DLP, internal threat intelligence).

**Leadership & Culture**

Build, mentor, and lead a high-performing security team (recruitment, retention, performance management). Provide strategic security counsel to Product, Engineering, and Sales. Embed mandatory security requirements in client contracts and RFPs. Drive continuous improvement in organizational security maturity.

## Requirements

**Educational Qualifications**

-   Bachelor’s Degree in Information Security, Computer Science or related field (required).
-   CISSP, CISM, CISA or equivalent certification (required).
-   Postgraduate qualification or MBA (advantageous).

**Relevant Experience**

-   Minimum 10 years in information security leadership roles.
-   At least 5 years in regulated SaaS environments, such as payments/fintech or other.
-   Experience securing cloud-native platforms (AWS preferred).
-   Proven track record managing ISO 27001 / SOC 2 environments.
-   Experience reporting to Board or executive committees.

**Skills**

-   Deep understanding of payment systems and transaction security.
-   Strong cloud security and DevSecOps knowledge.
-   Risk governance and regulatory management expertise.
-   Incident leadership capability.
-   Executive communication and stakeholder management skills.

**Competencies**

-   Risk-Based Security Leadership: Translates cyber threats into clear business risks and defines proportionate mitigation strategies aligned to enterprise priorities.
-   Regulatory & Governance Stewardship: Ensures sustained compliance with ISO 27001, SOC 2 and related standards through enforceable control frameworks.
-   Security Culture Leadership: Drives shared accountability for security across Engineering and Operational teams.

## Benefits

**Why Join Electrum?**

-   We believe in a **People First** approach, ensuring a culture where you can thrive and make a real difference.

**Your Career & Culture**

-   Career Growth: Delivering world-class financial software is challenging, but your effort will earn you hands-on experience with products used by millions, **accelerating your career.**
-   **Strong Teams**: We keep teams small, focused, and collaborative to maximize **impact**.
-   **Transparency**: We openly discuss strategy, finances, and salaries. Mistakes are viewed as **learning opportunities** that we actively discuss.
-   **Autonomy**: We **trust you**. You're expected to seek out the data needed for informed decisions and manage your own time—knowing when to focus and when to recharge.
-   **Shared Vision**: You'll have the power to **shape the vision** of how we build the future of financial services.

**Practical Perks**

Here's how we support our culture:

-   **Flexible Work:** Office-first environment with **flexible hours**.
-   **Generous Leave:** Starting at **20 days per year.**
-   **Office Perks** (Cape Town): Fully-stocked kitchen and **daily catered lunch**.
-   **Social Life:** Regular team activities like hikes, getaways, and dinners.
