Senior Information Security Officer (Governance, Risk & Compliance) at Multigate

Multigate is a financial technology company focused on providing solutions that cut across payments acquisition, processing and remittance as well as treasury and cash management for domestic and international corporates.

Job Title: Senior Information Security Officer (Governance, Risk & Compliance)

Location: Lagos

Job type: Full-Time

Category: Multigate Org – Information Security

Job Description

• Multigate is seeking to hire a highly experienced Senior Information Security Officer (GRC) to lead and manage the organization’s Information Security Governance, Risk, and Compliance (GRC) functions.
• The successful candidate will be responsible for maintaining compliance with international standards, including ISO/IEC 27001, ISO 22301, and ISO 20000, as well as ensuring adherence to the SWIFT Provider Security Program (SWIFT PSP) for service providers.
• This role is critical in embedding security governance into business processes, ensuring that our organization meets all regulatory, contractual, and internal security requirements.

Duties/Responsibilities
Governance & Compliance:

• Develop, implement, and maintain the organization’s information security governance framework.
• Oversee and manage compliance with ISO 27001 (Information Security), ISO 22301 (Business Continuity), and ISO 20000 (IT Service Management) standards.
• Ensure policies, procedures, and controls are aligned with industry best practices and business objectives.
• Lead the implementation and ongoing compliance with the SWIFT Customer Security Programme (CSP) for service providers, ensuring annual assessments and attestation requirements are met.

Risk Management:

• Identify, assess, and manage information security risks across the organization.
• Develop and maintain the organization’s risk register and conduct regular risk reviews.
• Perform third-party risk assessments and support vendor risk management processes.
• Provide risk treatment plans and work with stakeholders to track mitigation progress.

Audit & Assurance:

• Coordinate and support internal and external audits, including ISO certifications and SWIFT compliance audits.
• Conduct regular internal compliance reviews, gap assessments, and control effectiveness testing.
• Track audit findings, non-conformities, and improvement actions to closure.

Policy & Awareness:

• Develop and maintain security policies, standards, procedures, and guidelines.
• Deliver security awareness training and education programs to promote a strong security culture across the organisation.

Stakeholder Engagement:

• Collaborate with IT, Legal, Risk, Operations, and other departments to embed security and compliance into processes and projects.
• Provide expert advice on security and compliance implications for business initiatives and technology changes.
• Report on GRC metrics and present risk and compliance status to senior leadership and governance forums.

Requirements

• 5 years proven experience in a senior information security role with a strong GRC focus.
• In-depth knowledge of ISO/IEC 27001, ISO 22301, and ISO 20000 standards, including leading audits or implementations.
• Practical experience with SWIFT CSCF/PSP compliance, particularly for service providers.
• Strong understanding of security frameworks and standards such as NIST, CIS Controls, and GDPR.
• Excellent communication and stakeholder management skills.
• Experience conducting risk assessments and managing risk treatment plans.
• Familiarity with GRC tools and risk management platforms.

Preferred Skills:

• Professional certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, CRISC, or similar.
• Experience in financial services or regulated industries.
• Knowledge of ITIL and service management processes.

Benefits

• Career development/Opportunities
• Office perks
• Working with amazing talents
• Role Autonomy

Application Closing Date
Not Specified.

How to Apply: Interested and qualified candidates should Click here to apply online