Security Analyst (Vulnerability Management)

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.

As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Curious about what makes Moniepoint an incredible place to work? Check out posts on how we cultivate a culture of innovation, teamwork, and growth.

We are seeking a motivated and detail-oriented  Vulnerability Management Engineer to join our Information Security team. This role is responsible for executing key functions across the vulnerability management lifecycle - from discovery and assessment to remediation tracking and reporting - to enhance the organization’s overall security posture.

This is an entry-level role designed for candidates looking to build hands-on experience in vulnerability management, working closely with senior security engineers, IT teams, and product teams.

• Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.
• Conduct periodic scans to support compliance requirements.
• Perform External Attack Surface Assessments on internet-facing assets.
• Assist in validating scan results and identifying false positives.

• Analyze Vulnerability scan results to identify security gaps and potential threats.
• Prioritise Vulnerability scan report based on risk severity and business impact.
• Report findings to asset owners and relevant stakeholders for timely remediation.

• Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).
• Track remediation progress and follow up on outstanding vulnerabilities.
• Support implementation of mitigation strategies where immediate remediation is not possible.

• Assist in performing risk assessments related to identified vulnerabilities.
• Support documentation of risks and contribute to mitigation planning.
• Maintain awareness of evolving risk posture across systems.

• Support the operation and maintenance of vulnerability management tools.
• Assist in scan configuration, execution, result interpretation and reporting.

• Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.
• Assist with audit preparation, including evidence gathering and documentations.
• Ensure scanning and remediation practices meet compliance requirements.

• Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.
• Maintain accurate records of vulnerabilities, remediation status, and scan history.
• Communicate findings clearly to both technical and non-technical stakeholders.

• Suggest improvements to scanning, reporting, and remediation workflows.

• Assist in Incident Response tasks and post-incident analysis when needed.

• Assist in Threat Intelligence tasks from internal and external sources when needed.
• Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.
• Contribute to threat briefings and recommendations for security controls.

• Stay current with emerging vulnerabilities, threats, and cybersecurity trends.
• Participate in training, labs, and knowledge-sharing sessions.
• Continuously develop technical skills in security tools and methodologies.

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM  is an advantage.
• Understanding of networking fundamentals, operating systems, and cloud concepts.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively and willingness to learn.

• Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT
• Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).
• Hands-on lab, internship, or project experience in security operations or vulnerability assessment.

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.
  

• A preliminary phone call with the recruiter
• A technical interview with a Team Lead
• A behavioural and technical interview with a member of the Executive team.