Moniepoint is a financial technology company digitising Africa’s real economy by building a financial ecosystem for businesses, providing them with all the payment, banking, credit and business management tools they need to succeed.
Job Summary
- As a Senior Security Engineer, you will champion secure innovation by embedding security into the fabric of our software development lifecycle.
- You'll partner closely with engineering teams to safeguard customer trust while they build cutting-edge services.
- Your expertise will directly shape secure design through threat modeling and code review, drive efficiency via security automation, and mentor developers to elevate our collective security posture.
- The ideal candidate is a technical leader who blends deep security expertise with exceptional influence.
- You possess broad security knowledge anchored by specialization in critical areas, and excel at translating complex risks into actionable insights for both engineers and executives.
- Your strength lies in harmonizing diverse perspectives, strategically prioritizing risks, and guiding partners to implement resilient, secure solutions that balance speed and safety.
Key Responsibilities
Security Strategy & Leadership:
- Define and execute security strategy for product teams, aligning with business objectives.
- Lead threat modeling, security architecture reviews, and design guidance for diverse software projects.
- Mentor engineers technically and professionally, fostering a culture of security excellence.
Advanced Technical Execution:
- Conduct adversarial security analysis using automated tools and manual techniques (e.g., custom exploit development).
- Perform manual/automated secure code reviews across Java, Python, JavaScript, and cloud-native stacks.
- Develop security automation tools to scale vulnerability detection (SAST/DAST/IAST enhancements).
Risk Mitigation & Innovation:
- Identify complex risks through offensive security research; advocate for cutting-edge mitigation technologies.
- Solve novel security problems lacking predefined solutions (e.g., zero-day vulnerabilities, emergent attack vectors).
- Maintain and evolve threat models for critical applications and microservices architectures.
Collaboration & Enablement:
- Partner with the engineering team to embed security controls into CI/CD pipelines and development practices.
- Design/deliver security training programs tailored to development teams and business stakeholders.
- Lead incident response for application security events and drive root-cause analysis.
Qualifications
Required
- 5+ years in application security, including 2+ years in a senior / lead role.
- Expertise in threat modeling (e.g., STRIDE, PASTA), penetration testing, and secure SDLC implementation.Proficiency in code review for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP).
- Hands-on experience building security tools (e.g., scanners, CI plugins) with Python/Go.
- Proven track record in security architecture design and risk-based decision-making.
Preferred:
- OSCP, OSCE, GXPN, or similar offensive security certifications.
- Contributions to security tooling/open-source projects.
- Experience with container security (Kubernetes, Docker), serverless, or infrastructure-as-code.
Skills:
- Leadership: Ability to define team strategy, mentor engineers, and influence stakeholders.
- Innovation: Aptitude for researching/implementing novel solutions to ambiguous security challenges.
- Technical Depth: Mastery of application security frameworks (OWASP, NIST) and exploit techniques.
- Communication: Translate technical risks to business impact for executives and engineers alike.
- Execution: Drive implementation of security controls.
Method of Application
Signup to view application details.
Signup Now
