Summary
Overview
Work History
Education
Skills
Accomplishments
Interests
Timeline
Baking, Outdoor activities
Generic

Safoora Hansrod

Information Security Officer
Cape Town

Summary

Results-driven Leader with expertise in IT SOX, PCI, and P2PE audits. Delivered high performance through effective team development, mentoring, and hands-on management. Committed to continuous improvement and operational excellence within payments and card operations, utilizing strong analytical skills and attention to detail to manage multiple priorities in fast-paced environments.

Overview

16
16
years of professional experience
2
2
Languages

Work History

Information Security Officer

Ecentric Payment Systems (PTY) Ltd
Rondebosch, Cape Town
02.2025 - Current
  • Developed and implemented security policies to safeguard sensitive payment data.
  • Conducted risk assessments to identify vulnerabilities in information systems.
  • Coordinated incident response efforts to mitigate security breaches effectively.
  • Led cross-functional teams to enhance organizational compliance with industry regulations.
  • Develop, implement, test and review the organization’s information security to protect information/data and prevent unauthorized access to it;
  • Develop, establish and maintain standards, procedures and guidelines to promote the security of computer-based application systems;
  • Develop and maintain information and data classification guidelines, standards and procedures;
  • Identify and address exposures to accidental or intentional destruction, disclosure, modification, or interruption of information that may cause serious financial and/or information loss to the organization;
  • Oversaw the protection of electronic data processed and stored by the organization.
  • Maintain reporting line of employees: Performance; time management; integrity; quality of work; communication; escalations
  • Extensive working experience of PCI-DSS with experience in undertaking annual · Audits and revalidations; and
  • Extensive working experience of PCI-P2PE with experience in submissions and revalidations Accountabilities
  • Product owner for PCI DSS and PCI P2PE; · Manage the information security function in accordance with the established policies and guidelines; · Function as an internal consulting resource on information security issues;
  • Manage the information security risk assessment program;
  • Review compliance with the information security policy and associated procedures;
  • Coordinate information security efforts with all departments;
  • Stay current with changes in security risks, threats and requirements;
  • Coordinated and evaluated internal and external penetration test results to implement timely corrections.
  • Coordinate security orientation and security awareness programs;
  • Co-ordinate and review the results of periodic internal and external vulnerability scans and ensure that timeous mitigating and corrective action is taken, as appropriate;
  • Additionally, the ISM reviews systems to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document upgrades;
  • Perform information security risk analysis and periodic information system activity reviews for information security processes;
  • Oversaw key management processes to protect sensitive information. and ensuring associated security controls adhered;
  • Monitor changes in legislation and accreditation standards that affect information security;
  • Monitor and control specific security improvement projects;
  • Monitor Business-As-Usual evidence and controls; · Perform security reviews of offsite storage locations, logical and user access management and reviews;
  • Performed risk analyses to identify appropriate security countermeasures.
  • Conducted security audits to identify vulnerabilities.
  • Ensured consistent application of security best practices throughout software development life cycles by collaborating closely with development teams on secure coding techniques and tools.
  • Spearheaded cybersecurity awareness training programs for employees, fostering a culture of security-conscious behavior across the company.
  • Served as the organization''s point of contact for all matters related to information security, liaising with external partners and law enforcement agencies as necessary.
  • Reduced risk of data breaches by conducting regular vulnerability assessments and penetration tests.
  • Coordinated with external auditors to ensure successful completion of annual regulatory compliance audits.
  • Cultivated relationships with key stakeholders across both technical and non-technical departments, ensuring a cohesive approach to information security efforts.
  • Developed comprehensive information security policies for the organization, ensuring compliance with industry best practices.
  • Designed and delivered training programs on cybersecurity best practices for staff.
  • Perform internal audits as well as coordinate security audits;
  • Co-ordinate and manage compliance and security external audits;
  • Co-ordinate and review key management functions, processes and audits; and
  • Any task specifically related to information security not specifically defined above

Information Security Analyst

Ecentric Payment Systems
Rondebosch, Cape Town
05.2019 - Current
  • Driving PCI-DSS compliance
  • Conducted evidence collection and review to support PCI-DSS compliance.
  • Collected and submitted evidence for PCI-DSS compliance punctually.
  • Performing evidence collection and review
  • Oversaw vulnerability management to enhance overall cybersecurity posture.
  • Monitoring vulnerability scan schedules
  • Reviewing vulnerability scan
  • Reporting on findings and ensuring remediation occurs timeously
  • Executed key management activities to ensure data security.
  • Responsibility of Internal Auditor for Key ceremonies, requiring me to lead key ceremonies
  • Ensure key ceremonies are scheduled and go according to process.
  • Managing custodians and key components.
  • Ensuring HSMs are inspected quarterly
  • Scheduled key management activities, provided client feedback, and ensured completion of all related documentation.
  • Ensured compliance with PCI-DSS through strict adherence to established controls.

Compliance Administrator

Net1 UEPS Technologies [EasyPay (Pty) Ltd]
Rondebosch, Cape Town
12.2014 - 04.2019
  • Coordinated administration tasks for the Compliance function to ensure adherence to regulatory standards
  • Monitoring and maintenance of required compliance evidence for SOX and PCI Audits conducted annually
  • Assist with the designing of internal controls, systems, policies and procedures to ensure compliance with applicable legislation and industry guidelines.
  • Assist with the Identifying of potential areas of compliance vulnerability and risk, develop and implement corrective action plans for resolving problematic issues and provide general guidance on how to avoid or deal with similar situations in future.
  • Assists Compliance Manager with creating legislative awareness within the business and provide training if necessary.
  • Developed and implemented new procedures to streamline office operations and ensure compliance
  • Change Control co-ordination and administration, audit checks and releasing
  • Maintenance of IT Security Policy and Procedure documentation
  • General compliance-related filing and archiving
  • Create and process new procedures within the set-up and running of the office
  • Supported Compliance Manager in raising legislative awareness across the business and facilitating necessary training sessions.
  • Strong time management and organizational skills
  • Managed key inventory and access control for sensitive areas.
  • Facilitated health and safety training sessions for staff compliance.
  • Taking and distributing meeting minutes
  • Working knowledge, understanding and application of industry related legislative requirements .
  • Researched special topics to support project needs.
  • Administrative experience in the corporate environment interfacing with senior and executive level management
  • Ensured compliance with regulatory requirements through detailed audits and assessments.
  • Conducted employee training sessions on compliance policies and procedures.
  • Developed and implemented internal controls to mitigate compliance risks.
  • Reviewed and updated company policies to align with changing regulations.
  • Led investigations into compliance breaches, recommending corrective actions as necessary.
  • Streamlined internal processes by updating and maintaining accurate compliance documentation.
  • Developed training materials to educate employees on relevant rules, regulations, and best practices for maintaining compliance standards.
  • Collaborated with cross-functional teams to ensure alignment of business operations with regulatory requirements.
  • Evaluated the effectiveness of current controls to ensure appropriate mitigation strategies were in place to address identified risks.
  • Contributed to the successful completion of external audits by working closely with auditors and providing requested documentation in a timely manner.
  • Improved employee engagement by delivering targeted training sessions on key aspects of regulatory requirements pertinent to their job functions .
  • Maintained up-to-date knowledge of industry trends, emerging issues, and changes in regulations that could impact the organization''s compliance status.
  • Assisted in developing risk assessment methodologies to identify potential areas of non-compliance exposure.
  • Managed compliance efforts, reporting and audits.
  • Prepared records and data for regular audits.
  • Prepared and presented comprehensive reports to upper management and audit team, covering issues and recommendations.
  • Developed and delivered training programs to inform new and current employees about compliance issues.
  • Conducted periodic compliance audits and reviews to identify areas of improvement.

Operations Manager: Chargebacks, Disputes and Fraud (SASSA)

Net1 UEPS Technologies
Rosebank, Johannesburg
08.2012 - 12.2014
  • Facilitated ongoing communication between departments to foster a culture of continuous improvement.
  • Resolving account reconciliation issues quickly
  • Reconciled discrepancies efficiently and in a timely manner.
  • Maintain suspense accounts and identify discrepancies
  • Identified skill gaps within the team and implemented training programs to address these needs.
  • Training of staff to ensure that everyone is performing adequately in their role.
  • Provided leadership support to teams, motivating staff to meet and exceed production goals.
  • Ensuring key performance indicators are in place
  • Implementation of any new policies and procedures relating to the production process.
  • Introducing and managing in-house IT systems ensuring that they are fit for purpose.
  • Escalate system issues and addressing with IT
  • Reconciling and Invoicing merchants for rebates/commission
  • Logging compliance cases through PASA
  • Escalate technical system issues to acquiring banks.
  • Reviewing reports to monitor financial suspense accounts of which are not managed efficiently will result in a financial loss to the business.
  • Compile and finalise write-off schedules
  • Ensure that the compliance aspect of the business is not at risk in terms of Chargeback Operations and technical issues
  • Implemented risk management strategies to mitigate potential losses.
  • Effective management of Direct reports: To ensure direct reports are enabled to perform effectively through:
  • Ensuring they have the required resources available. Understand what is required of them and in cases of poor performance, the ability to coach, counsel, manage and mentor as well as identify possible training requirements.
  • Risk Management
  • Manage Change, Conflict and Performance.
  • Attend monthly PASA meetings and address any issues raised
  • Streamlined operational processes to enhance efficiency and reduce turnaround time.
  • Developed and maintained key performance indicators for operational excellence and accountability.
  • Mentored junior staff on best practices in operations management, fostering a culture of learning and growth.
  • Implemented cost-saving measures through effective vendor negotiations and process optimization strategies.
  • Conducted regular performance reviews to assess team effectiveness and align with organizational goals.
  • Supervised operations staff and kept employees compliant with company policies and procedures.
  • Led hiring, onboarding and training of new hires to fulfill business requirements.
  • Analyzed and reported on key performance metrics to senior management.
  • Managed budgets effectively, consistently delivering projects on-time and within financial constraints.
  • Achieved higher employee retention rates by fostering a positive work environment and providing opportunities for professional growth.
  • Assisted in recruiting, hiring and training of team members.
  • Trained and guided team members to maintain high productivity and performance metrics.
  • Tracked employee attendance and punctuality, addressing repeat problems quickly to prevent long-term habits.
  • Handled problematic customers and clients to assist lower-level employees and maintain excellent customer service.
  • Reduced operational risks while organizing data to forecast performance trends.

Operations Manager: Chargebacks

Nedbank (Pty) Ltd
Sandton, Johannesburg
10.2010 - 08.2012
  • Maintain suspense accounts and identify discrepancies
  • Reconciled discrepancies efficiently and in a timely manner.
  • Resolved account reconciliation issues to maintain accuracy and compliance.
  • Answered client and customer questions regarding accounts and any discrepancies
  • Reviewing reports to monitor financial suspense accounts which are not managed efficiently will result in a financial loss to the business as the chargeback environment have to adhere to strict timeframes.
  • Ensure that the compliance aspect of the business is not at risk in terms of Chargeback Operations
  • Reconciling and overseeing suspense accounts.
  • Manage Financial and Business Results
  • Executed active operations management to streamline processes.
  • Manage Transformation and Innovation
  • Management of ad hoc projects (End to end management of allocated projects, monitoring and effective communication to stakeholders)
  • Risk Management
  • Effective management of Direct reports
  • Identify possible training requirements
  • Deal with HR issues such as disciplinary, counselling, poor performance etc.
  • In cases of poor performance, the ability to coach, counsel, manage
  • Facilitation and application of best practice initiatives in NBPL branches (Identify best practice opportunities within sales, Identify best practice opportunities within sales, Implement best practices within sales)
  • Financial analysis of data and recommendations made, analyse data and compile weekly/monthly/ad-hoc reports, make recommendations based on analysis of reports
  • Monitor work-in-progress
  • Documented telephonic call activities to ensure accurate records.
  • Generated month-end financial reports to summarize performance.
  • Implemented risk management strategies to mitigate potential issues.
  • Keep accurate attendance daily registers for the area and all standard times signed off by me.
  • Monitoring staff behaviour.
  • Performance Appraisals with staff reviewed monthly to ensure volumes are aligned with actual capacity
  • Weekly, One on One held with direct reports
  • Identified training requirements to enhance team skills and performance.
  • Action GLP070 reports (branch budget report) daily. Manage exceptions and financial entries
  • Identifying any skill gaps in the team and undertaking a training programme to support this.
  • AOM (Active Operations Management)
  • Motivated staff to improve team performance and morale.
  • Manage Self and Team
  • Understand what is required of them
  • Have a basic understanding of Labour Laws
  • Knowledge of Company Policies, Procedures, Strategy Mission
  • Manage Change, Conflict and Performance
  • Action GLP070 reports (branch budget report) daily. Manage exceptions and financial entries
  • Streamlined operational processes to enhance efficiency and reduce turnaround times.
  • Led cross-functional teams to implement strategic initiatives aligning with organizational goals.
  • Coordinated project timelines and deliverables, ensuring timely execution of key objectives.
  • Facilitated regular team meetings to drive communication, collaboration, and continuous improvement efforts.
  • Supervised operations staff and kept employees compliant with company policies and procedures.
  • Empowered employees to take ownership of their responsibilities, leading to increased accountability and improved performance outcomes.
  • Conducted regular performance reviews, identifying areas for improvement and developing action plans to address them.
  • Led hiring, onboarding and training of new hires to fulfill business requirements.
  • Enhanced customer satisfaction by establishing clear communication channels and addressing concerns promptly.
  • Achieved higher employee retention rates by fostering a positive work environment and providing opportunities for professional growth.
  • Spearheaded process improvements, resulting in increased productivity and reduced operational costs.
  • Assisted in recruiting, hiring and training of team members.
  • Tracked employee attendance and punctuality, addressing repeat problems quickly to prevent long-term habits.
  • Handled problematic customers and clients to assist lower-level employees and maintain excellent customer service.
  • Observed each employee's individual strengths and initiated mentoring program to improve areas of weakness.
  • Reported issues to higher management with great detail.
  • Launched staff engagement, gender diversity and cultural programs in addition to robust reporting tool that increased operational quality.

Education

High School Diploma - Endorsement

Huguenot High School
Wellington
04.2001 -

Basic And Advanced Dispute Resolution - Basic And Advanced Dispute Resolution, Visanet Operational Management

Visa Business School
Johannesburg, South Africa
04.2001 -

Active Operations Management - Business Management

Active Operations Management (AOM International)
Johannesburg
04.2001 -

Mastercard - Exploring M/CHIP Advanced, Authorization Operations, Clearing and Settlement Services, Profitable Card Management, Introduction to Mastercard

MasterCard Academy
Johannesburg
04.2001 -

PCI DSS Professional Training - PCI Professional Training

LiquidNexxus Limited
Cape Town
04.2001 -

Business Management - Entrepreneurship, Higher Certificate in Management

Southern Business School
Cape Town
04.2001 -

Excel - Project Management

Excel With Business
Online
04.2001 -

Skills

Data protection

Vulnerability assessment

Security training

Compliance oversight

Credit risk

Understanding banking systems

Technical/specialist skills

Data analysis

Analytical Skills

Microsoft applications

MS Office

Quality assurance standards

Facilitating change

Continuous improvement

Management skills

Accomplishments

  • Certificate of Excellence in Visa Rehabilitations - Apr/May 2002
  • Accolade Award for Card Processing Operations – June to December 2003
  • New Woolies Way Workshop enabling to contribute to a more pleasant service environment
  • Service Excellence 2011-2012

Interests

Outdoor Activities, Baking

Timeline

Information Security Officer

Ecentric Payment Systems (PTY) Ltd
02.2025 - Current

Information Security Analyst

Ecentric Payment Systems
05.2019 - Current

Compliance Administrator

Net1 UEPS Technologies [EasyPay (Pty) Ltd]
12.2014 - 04.2019

Operations Manager: Chargebacks, Disputes and Fraud (SASSA)

Net1 UEPS Technologies
08.2012 - 12.2014

Operations Manager: Chargebacks

Nedbank (Pty) Ltd
10.2010 - 08.2012

High School Diploma - Endorsement

Huguenot High School
04.2001 -

Basic And Advanced Dispute Resolution - Basic And Advanced Dispute Resolution, Visanet Operational Management

Visa Business School
04.2001 -

Active Operations Management - Business Management

Active Operations Management (AOM International)
04.2001 -

Mastercard - Exploring M/CHIP Advanced, Authorization Operations, Clearing and Settlement Services, Profitable Card Management, Introduction to Mastercard

MasterCard Academy
04.2001 -

PCI DSS Professional Training - PCI Professional Training

LiquidNexxus Limited
04.2001 -

Business Management - Entrepreneurship, Higher Certificate in Management

Southern Business School
04.2001 -

Excel - Project Management

Excel With Business
04.2001 -

Baking, Outdoor activities

Hobbies 

Outdoor activities 

Baking

Languages

English

Afrikaans

Safoora HansrodInformation Security Officer