Vulnerability Management Analyst (Remote) at Moniepoint Incorporated

Moniepoint Incorporated is a global business payments and banking platform and recently became QED Investors’ first investment in Africa. We are the partner of choice for over 600,000 businesses of all sizes, powering the dreams of SMBs and providing them with equal access to the tools they need to grow and scale.

We are recruiting to fill the position below:

Job Title: Vulnerability Management Analyst

Location: Nigeria (Remote)

Role Overview

• We are seeking a motivated and detail-oriented Vulnerability Management Engineer to join our Information Security team.
• This role is responsible for executing key functions across the vulnerability management lifecycle - from discovery and assessment to remediation tracking and reporting - to enhance the organization’s overall security posture.
• This is an entry-level role designed for candidates looking to build hands-on experience in vulnerability management, working closely with senior security engineers, IT teams, and product teams.

Key Responsibilities
Vulnerability Discovery and Assessment:

• Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.
• Conduct periodic scans to support compliance requirements.
• Perform External Attack Surface Assessments on internet-facing assets.
• Assist in validating scan results and identifying false positives.

Analysis, Prioritization, and Reporting:

• Analyze Vulnerability scan results to identify security gaps and potential threats.
• Prioritise Vulnerability scan report based on risk severity and business impact.
• Report findings to asset owners and relevant stakeholders for timely remediation.

Remediation and Tracking:

• Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).
• Track remediation progress and follow up on outstanding vulnerabilities.
• Support implementation of mitigation strategies where immediate remediation is not possible.

Risk Management:

• Assist in performing risk assessments related to identified vulnerabilities.
• Support documentation of risks and contribute to mitigation planning.
• Maintain awareness of evolving risk posture across systems.

Security Tools and Technologies:

• Support the operation and maintenance of vulnerability management tools.
• Assist in scan configuration, execution, result interpretation and reporting.

Compliance and Standards:

• Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.
• Assist with audit preparation, including evidence gathering and documentations.
• Ensure scanning and remediation practices meet compliance requirements.

Reporting and Metrics:

• Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.
• Maintain accurate records of vulnerabilities, remediation status, and scan history.
• Communicate findings clearly to both technical and non-technical stakeholders.
• Suggest improvements to scanning, reporting, and remediation workflows.

Support Incident Response & Threat Intelligence Units:

• Assist in Incident Response tasks and post-incident analysis when needed.
• Assist in Threat Intelligence tasks from internal and external sources when needed.
• Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.
• Contribute to threat briefings and recommendations for security controls.

Continuous Learning and Improvement:

• Stay current with emerging vulnerabilities, threats, and cybersecurity trends.
• Participate in training, labs, and knowledge-sharing sessions.
• Continuously develop technical skills in security tools and methodologies.

Qualifications

• Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM  is an advantage.
• Understanding of networking fundamentals, operating systems, and cloud concepts.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively and willingness to learn.

Preferred (Nice to Have):

• Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT
• Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).
• Hands-on lab, internship, or project experience in security operations or vulnerability assessment.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.

Application Closing Date
Not Specified.

Method of Application
Interested and qualified candidates should:
Click here to apply online

What to expect in the hiring process

• A preliminary phone call with the recruiter
• An interview with a business lead.
• A behavioural and technical interview with a member of the executive team.