• Perform cybersecurity risk assessments on complex, enterprise organizations. • Identify and evaluate security misconfigurations and vulnerabilities while considering compensating controls and operational needs across the aforementioned systems and services. • Analyze the potential impact and likelihood of identified risks across different environments (on-prem, cloud, hybrid). • Write highly detailed technical reports on the findings, mitigation strategies, compensating controls, and methodology that can then be digested by both an executive and technical audience. • Create and conduct technical reviews of various highly detailed cybersecurity testing reports. • Research and stay up to date with the latest testing techniques, tools, and methodologies. • Present reports to customers and discuss nuanced technical recommendations, with the expectation of leading customer presentations within 3 months. • Discuss with, collaborate with, and train teammates from the Cybersecurity Red Team around various tools and techniques associated with cybersecurity risk assessment. • Assist team members on other projects and engagements, such as Social Engineering, Network Penetration Testing, and Vulnerability Review.

• Assist in the development of compliance programs • Support the Risk Management team • Help prepare reports and documentation for audits • Collaborate with various teams to enhance security measures

• Contributing to establishing strategic information security objectives across Paystack. • Contributing to the strategic direction for Security Governance, Risk Management, and Compliance that aligns with the overarching Security objectives of the company • Understanding the unique challenges of securing the Paystack platform across different markets and demographics • Identifying control gaps and testing the design of existing controls • Determining risk management controls and recommending improvements to company-wide controls • Ability to work effectively with a team to execute various security projects, evaluate controls, and plan around solutions • Ability to communicate effectively • Ability to own and manage portions of the security program and provide consistent status updates to Security Leadership regarding progress against objectives • Raise accountability by escalating issues in a timely manner and creating and maintaining detailed documentation • Stay up-to-date with trends in the information security community • Operate with a sense of ownership, urgency, and drive • Ability to distill controls across multiple regulatory requirements and frameworks for visibility into defence mechanisms, strengths, and gaps • Contribute to the development of our Internal vendor risk management program; this involves working with vendors and partners to ensure they have appropriate controls in place • Documenting exceptions to establish security policies, guidelines, and standards; ensuring exceptions are reviewed periodically • Collaborate on internal communications for information security messaging for the enterprise. • Work with security leadership to develop a strategy for security training and awareness programs.

• Performs security audits, risk analysis, application-level vulnerability testing, and security code reviews. • Develops and implements technical solutions to help mitigate security vulnerabilities. • Conducts research to identify new attack vectors. • Supports mainframe with scanning and other security focused operational support responsibilities.