Senior Application Security Engineer

Who we are

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.

As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Curious about what makes Moniepoint an incredible place to work? Check out posts on how we cultivate a culture of innovation, teamwork, and growth._

About the role

Moniepoint is seeking a passionate Application Security Engineer to drive security across our services and development pipelines. In this role, you’ll champion security best practices, embed application security into the product lifecycles, and empower engineering teams to build and release safe products

Key Responsibilities

• Act as a Security Champion across product teams, influencing design and engineering decisions to prioritize security from the outset.
• Design solutions that are Secure by Design, integrating threat modeling and security requirements into feature architecture and design reviews.
• Promote and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to reduce vulnerabilities at the source.
• Lead Vulnerability Management & Remediation, overseeing identification, risk-based triage, and tracking of remediation efforts for security issues.
• Develop and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for consistent use across engineering teams.
• Conduct and support Penetration Testing, both hands-on and automated to uncover vulnerabilities throughout environments, platforms, and release cycles.
• Enable continuous improvement through Collaboration & Enablement, delivering security knowledge transfer, best practices, and feedback loops across teams.

To succeed in this role, you should have

• 5+ years of hands-on experience in application security (AppSec), DevSecOps, or similar roles.
• Software engineer with a keen interest in Security.
• At least 2 years of experience working in an engineering team a plus
• Deep understanding of secure software development lifecycle (SDLC) and first-principles of secure-by-design engineering.
• Skilled in security scanning tools (e.g., SAST, DAST, SCA), incident and remediation workflows, and security automation.
• Proficiency in reading and writing code for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP)
• Proven experience with pentesting or red-team engagements, identifying and exploiting application-level vulnerabilities.
• Excellent communication skills, you're able to translate technical risks into actionable steps and help engineers incorporate security improvements.
• Comfortable building trust as a security mentor and champion, raising security maturity across teams with patience and influence.
• Contributions to security tooling/open-source projects.
• OSCP, OSCE, GXPN, or similar offensive security certifications a plus
• Experience with container sec

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.