Moniepoint Inc. is Africa’s all-in-one financial platform, helping 20 million businesses and individuals access seamless payments, banking, credit, cross-border, and business management tools each month.
As Nigeria’s largest merchant acquirer, we power most of the country’s point-of-sale (POS) transactions. Through our subsidiaries, Moniepoint Inc. processes over $250 billion in digital payment transaction value annually.
About the Role
- Moniepoint is seeking a passionate Application Security Engineer to drive security across our services and development pipelines.
- In this role, you’ll champion security best practices, embed application security into the product lifecycles, and empower engineering teams to build and release safe products
Key Responsibilities
- Act as a Security Champion across product teams, influencing design and engineering decisions to prioritize security from the outset.
- Design solutions that are Secure by Design, integrating threat modeling and security requirements into feature architecture and design reviews.
- Promote and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to reduce vulnerabilities at the source.
- Lead Vulnerability Management & Remediation, overseeing identification, risk-based triage, and tracking of remediation efforts for security issues.
- Develop and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for consistent use across engineering teams.
- Conduct and support Penetration Testing, both hands-on and automated to uncover vulnerabilities throughout environments, platforms, and release cycles.
- Enable continuous improvement through Collaboration & Enablement, delivering security knowledge transfer, best practices, and feedback loops across teams.
To succeed in this role, you should have
- 3 - 5 years of hands-on experience in application security (AppSec), DevSecOps, or similar roles.
- Software engineer with a keen interest in Security.
- At least 2 years of experience working in an engineering team a plus
- Deep understanding of secure software development lifecycle (SDLC) and first-principles of secure-by-design engineering.
- Skilled in security scanning tools (e.g., SAST, DAST, SCA), incident and remediation workflows, and security automation.
- Proficiency in reading and writing code for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP)
- Proven experience with pentesting or red-team engagements, identifying and exploiting application-level vulnerabilities.
- Excellent communication skills, you're able to translate technical risks into actionable steps and help engineers incorporate security improvements.
- Comfortable building trust as a security mentor and champion, raising security maturity across teams with patience and influence.
- Contributions to security tooling/open-source projects.
- OSCP, OSCE, GXPN, or similar offensive security certifications a plus
- Experience with container sec
What to expect in the hiring process:
- A preliminary phone call with the recruiter
- A take home assessment
- A technical interview with a lead in our Engineering Team
- A behavioural and technical interview with a member of the Executive team.