API & Database Auditor (Remote) at Moniepoint Incorporated

Moniepoint Incorporated is a global business payments and banking platform and recently became QED Investors’ first investment in Africa. We are the partner of choice for over 600,000 businesses of all sizes, powering the dreams of SMBs and providing them with equal access to the tools they need to grow and scale.

We are recruiting to fill the position below:

Job Title: API & Database Auditor

Location: Nigeria (Remote)

Role Overview

• The API & SQL Database Auditor is responsible for assessing the design, security, reliability, and compliance of application programming interfaces (APIs) and relational database systems.
• This role evaluates how data is accessed, processed, stored, and protected across applications, ensuring adherence to security standards, regulatory requirements, and internal controls.

Key Responsibilities
Audit & Compliance:

• Audit of Application Program Interfaces Security Controls.
• Audit REST, GraphQL, and internal APIs for governance, and compliance with organizational standards.
• Audit of Database Security Controls (e.g., MySQL, PostgreSQL, SQL Server, Oracle) for data integrity, availability, and confidentiality.
• Assess compliance with regulatory and industry frameworks (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR).
• Evaluate API versioning, lifecycle management, and deprecation controls.

Security & Risk Assessment:

• Identify risks related to authentication, authorization, rate limiting, and input validation.
• Review protection mechanisms against common threats (e.g., injection attacks, broken object-level authorization).
• Evaluate encryption practices (in transit and at rest).
• Assess secrets management for database credentials and API keys.
• Review database patching, vulnerability management, and hardening practices.

Data Governance & Integrity:

• Assess data classification, retention, and deletion policies.
• Review database schema design, constraints, indexing, and referential integrity controls.
• Evaluate logging, monitoring, and audit trails for data access and changes.
• Verify segregation of duties for database administration and application access.

Process & Controls Review:

• Review backup, replication, and disaster recovery processes.
• Assess performance monitoring, capacity planning, and availability controls.
• Evaluate change management processes for schema and API changes.
• Review third-party API integrations and data-sharing agreements.

Reporting & Advisory:

• Document audit findings with risk ratings and evidence.
• Provide clear, actionable remediation recommendations.
• Present findings to engineering, security, and data governance stakeholders.
• Track remediation progress and validate corrective actions.
• Participates in the other regular audits in the IT Audit Plan as assigned by the Head, IT Audit.

Skills & Competencies:

• SQL (analysis, permissions, schema review)
• API documentation and testing tools (Postman, Swagger/OpenAPI)
• Database security controls (roles, grants, auditing)
• Logging and monitoring solutions
• Encryption and key management concepts
• Strong analytical and investigative skills
• Ability to translate technical risks into business impact
• Clear written documentation and reporting
• Professional skepticism and attention to detail
• Ability to collaborate with engineering and security teams

Qualifications 

• Minimum of a Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience).
• Certifications in one or more of the following will be an added advantage - CISA, ACA, CISSP, CISM, CRISC, MICROSOFT certifications, ORACLE, etc.
• Experience: Minimum of 5 years experience in application security, database administration, software engineering, or IT audit.
• Strong understanding of RESTful APIs and SQL-based databases.
• Experience reviewing authentication and authorization mechanisms (OAuth 2.0, JWT, API keys).
• Working knowledge of SQL querying and database security concepts.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.

Application Closing Date
Not Specified.

How to Apply
Interested and qualified candidates should:
Click here to apply online

What to expect in the hiring process

• A preliminary phone call with the recruiter
• Panel interview with a Manager
• Behavioral and technical interview with an Executive team member