Who we are

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.

As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Curious about what makes Moniepoint an incredible place to work? Check out posts on how we cultivate a culture of innovation, teamwork, and growth.

Role Overview:

We are seeking a motivated and detail-oriented  Vulnerability Management Engineer to join our Information Security team. This role is responsible for executing key functions across the vulnerability management lifecycle - from discovery and assessment to remediation tracking and reporting - to enhance the organization’s overall security posture.

This is an entry-level role designed for candidates looking to build hands-on experience in vulnerability management, working closely with senior security engineers, IT teams, and product teams.

Key Responsibilities

Vulnerability Discovery and Assessment

• Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.
• Conduct periodic scans to support compliance requirements.
• Perform External Attack Surface Assessments on internet-facing assets.
• Assist in validating scan results and identifying false positives.

Analysis, Prioritization, and Reporting

• Analyze Vulnerability scan results to identify security gaps and potential threats.
• Prioritise Vulnerability scan report based on risk severity and business impact.
• Report findings to asset owners and relevant stakeholders for timely remediation.

Remediation and Tracking

• Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).
• Track remediation progress and follow up on outstanding vulnerabilities.
• Support implementation of mitigation strategies where immediate remediation is not possible.

Risk Management

• Assist in performing risk assessments related to identified vulnerabilities.
• Support documentation of risks and contribute to mitigation planning.
• Maintain awareness of evolving risk posture across systems.

Security Tools and Technologies

• Support the operation and maintenance of vulnerability management tools.
• Assist in scan configuration, execution, result interpretation and reporting.

Compliance and Standards

• Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.
• Assist with audit preparation, including evidence gathering and documentations.
• Ensure scanning and remediation practices meet compliance requirements.

Reporting and Metrics

• Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.
• Maintain accurate records of vulnerabilities, remediation status, and scan history.
• Communicate findings clearly to both technical and non-technical stakeholders.

• Suggest improvements to scanning, reporting, and remediation workflows.

Support Incident Response & Threat Intelligence Units

• Assist in Incident Response tasks and post-incident analysis when needed.

• Assist in Threat Intelligence tasks from internal and external sources when needed.
• Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.
• Contribute to threat briefings and recommendations for security controls.

Continuous Learning and Improvement

• Stay current with emerging vulnerabilities, threats, and cybersecurity trends.
• Participate in training, labs, and knowledge-sharing sessions.
• Continuously develop technical skills in security tools and methodologies.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM  is an advantage.
• Understanding of networking fundamentals, operating systems, and cloud concepts.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively and willingness to learn.

Preferred (Nice to Have)

• Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT
• Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).
• Hands-on lab, internship, or project experience in security operations or vulnerability assessment.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.
  

What to expect in the hiring process

• A preliminary phone call with the recruiter
• A technical interview with a Team Lead
• A behavioural and technical interview with a member of the Executive team. 

Who we are

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.

As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Curious about what makes Moniepoint an incredible place to work? Check out posts on how we cultivate a culture of innovation, teamwork, and growth.

Role Overview:

The Threat Intelligence Analyst will support Moniepoint’s security operations by monitoring, analyzing, and reporting on emerging cyber threats targeting the financial sector. This role is ideal for early-career cybersecurity professionals looking to build hands-on experience in threat intelligence, OSINT, and adversary analysis within a fast-paced fintech environment.

The analyst will work closely with SOC, Fraud Operations, Product Security and other relevant stakeholders to translate threat data into actionable intelligence.

Key Responsibilities

Threat Monitoring & Collection

• Monitor open-source, dark web, and underground forums for threats relevant to Moniepoint and the financial sector
• Track ransomware groups, stealer malware, phishing campaigns, brand impersonation, and fraud-related threats
• Collect Indicators of Compromise (IOCs) including domains, IPs, URLs, hashes, and malicious infrastructure

Analysis & Intelligence Production

• Perform basic triage and analysis of threat data to determine relevance and risk
• Assist in identifying adversary tactics, techniques, and procedures (TTPs)
• Support mapping of threats to MITRE ATT&CK where applicable
• Contribute to daily, weekly, and ad-hoc threat intelligence reports

Stakeholder Support

• Share relevant intelligence with relevant stakeholders
• Assist in validating alerts and external threat reports
• Support investigations related to phishing, account takeover, and third-party risks

Documentation & Continuous Improvement

• Maintain threat logs, actor profiles, and intelligence repositories
• Document analytical findings clearly and concisely
• Learn and apply CTI frameworks, tools, and best practices

Support Incident Response & Vulnerability Management Units

• Assist in Incident Response tasks and post-incident analysis when needed.
• Assist in Threat Intelligence tasks from internal and external sources when needed.
• Conduct regular vulnerability scans and assessments on networks, systems, and applications.
• Analyze scan results to identify vulnerabilities, potential risks and ensure timely remediation.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field
• Good understanding of cybersecurity concepts (malware, phishing, ransomware, fraud)
• Familiarity with OSINT concepts and publicly available intelligence sources
• Strong analytical and critical-thinking skills
• Good written communication skills with attention to detail

Preferred / Nice-to-Have

• 3 - 5 years of Experience in SOC, IR or Threat Intelligence
• Familiarity with MITRE ATT&CK, Pyramid of Pain, or Diamond Model
• Good knowledge of SIEM, EDR, Threat Intelligence Tools, OSINT Tools.
• Exposure to fintech or financial-sector threats is a good advantage.
• Certifications such as Security+,EC-Council CTIA

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.
  

What to expect in the hiring process

• A preliminary phone call with the recruiter
• A technical interview with a Team Lead
• A behavioural and technical interview with a member of the Executive team. 

BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio.

Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself.

The Role

Identify, generate, qualify, and close new business for customers and prospects in a defined territory.  Responsible for managing the full sales lifecycle, building the go-to-market plan (including direct and indirect business). 

What You’ll Do

• Develop new and existing accounts within defined territory
• Complete and maintain a territory sales plan which outlines a road map to success
• Responsible for meeting or exceeding your monthly, quarterly, and annual quota by proactively prospecting for All Product Lines and opportunities with new and existing customers
• Responsible for sales forecasting, lead generation, prospecting, and account management through the close cycle
• Maintain accurate Whitespace data on customer and focus prospect accounts
• Partner closely with Vice President, SE’s, PAM’s and wider POD to deliver strategic goals
• Algin with Channel team and Channel Partners to deliver value to our customers and BeyondTrust wherever possible
• Align with SDR team to proactively cover your total addressable market (focus and non-focus territory accounts)
• Attend corporate trade shows and events
• Maintain sales pipeline activity in Salesforce
• Schedule and conduct product demonstrations and detailed presentations to prospects, customers and partners. SE support is available
• Lead RFP responses for your accounts

What You’ll Bring

• Bachelor’s degree or equivalent work experience
• 2 - 4+ years customer-facing sales experience with security, PAM, Identity Management, or IT related software 
• Proven track record of meeting or exceeding sales quota
• Established network and relationships with senior IT professionals
• Excellent communication and influencing skills
• Ability to travel within a defined region (approx. 25%)

Nice To Have

• Completed sales training (MEDDICC, Command the Message, Sandler, SPIN, DISC, TAS, Miller)

Better Together

Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected.

We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together.

About Us

BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders.

BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.

Learn more at www.beyondtrust.com. 

#LI-BG1

Who we are

Moniepoint is a financial technology company digitising Africa’s real economy by building a financial ecosystem for businesses, providing them with all the payment, banking, credit and business management tools they need to succeed. 

About the role

Location: Remote (Full-time)

How Will You Create Impact?

• Develop and implement the annual ITGC and ITACs internal control assessments plan across all IT and cybersecurity domains, ensuring alignment with the COSO framework , relevant ISO standards and the standard Moniepoint MFB business requirements.
• Plan and execute internal control assessments to establish the adequacy and effectiveness of information systems and critical infrastructure within Moniepoint MFB and to determine whether information systems are protected, controlled, and meet the intended functional design of business models defined in BRD/PRD.
• Assess the IT and Cybersecurity risk ownership and their related risk registers to determine whether the risk universe has been sufficiently captured and mitigating controls adequately designed and operated
• Assess the monitoring and reporting of IT and CyberSecurity key performance indicators (KPI/OKRs) and the IT/CyberSecurity key risk indicators (KPIs), incorporating metrics relevant to the effectiveness of controls.
• Assess and report on Moniepoint MFB’s ability to continue business operations, storage, back-up, and restoration policies and processes for effectiveness and resilience.
• Assess logical, physical, and environmental controls within Moniepoint MFB to verify the confidentiality, integrity, and availability of information assets
• Assess controls at all stages of the information systems development life cycle.
• Assess the governance around information systems for gaps in implementation and change management.
• Assess the level of post-implementation reviews on systems in place to determine whether project deliverables, controls, and requirements are met.
• Assess Moniepoint MFB’s database management practices, data governance program, and privacy program.
• Assess data classification practices for alignment with the Moniepoint MFB data governance program, privacy program, and applicable external requirements.
• Assess Moniepoint MFB’s problem and incident management program.
• Assess Moniepoint MFB’s change, configuration, release, and patch management programs, evaluating their effectiveness in mitigating vulnerabilities.
• Assess Moniepoint MFB’s log management program, testing and reporting on its role in detective controls.
• Assess IT strategy, governance, and organizational structure for alignment with the enterprise risk management posture of Moniepoint MFB, integrating principles from ISO 31000.
• Oversee the communication and collection of feedback on controls design and operational effectiveness tests, general control assessment findings and recommendations with stakeholders within Moniepoint MFB, ensuring clear and timely information exchange.
• Develop and manage the control deficiency remediation dashboard for follow-up and closure of open findings from control assessment, internal audit, and any external examination and assessment for each SBU and specific core units within Moniepoint MFB.
• Oversee the conduct of post-review follow-up assessments to evaluate whether all identified open findings from all assessments have been sufficiently mitigated.
• Carry out any other task, as might be assigned or becomes necessary to improve the information system security posture and the internal control maturity model of Moniepoint MFB, with a continuous focus on the principles of the COSO framework and the specified ISO standards.

Skills and Qualifications

• Educational Background: A Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Certifications: Relevant professional certifications such as CISA (Certified Information Systems Auditor), CISSP (Certified Information Security Professional), or others related to IT audit, cybersecurity, or risk management.
• Experience: Proven experience in IT internal control assessments, IT auditing, or a related field, with a strong understanding of IT General Controls (ITGC) and IT Application Controls (ITACs). Experience in the banking or financial services sector is often preferred.
• Framework and Standard Knowledge: In-depth knowledge and practical experience with the COSO internal control framework and relevant ISO standards, including ISO 31000 (Risk Management), ISO 27001 (Information Security), ISO 22301 (Business Continuity), ISO 37301 (Compliance Management), and ISO 9001:2015 (Quality Management System).
• Technical Understanding: A solid understanding of information systems, critical infrastructure, cybersecurity domains  and the information systems development life cycle.
• Assessment Skills: Strong planning and execution skills for conducting internal control assessments, including design and operations effectiveness testing.
• Risk Management: Experience in assessing IT and CyberSec risk ownership, risk registers, and integrating principles from ISO 31000.
• Communication: Excellent written and verbal communication skills to effectively communicate assessment findings, results, and recommendations to stakeholders at various levels.
• Analytical Skills: Strong analytical and problem-solving skills to identify control deficiencies, assess their impact, and develop remediation plans.
• Organizational Skills: Excellent organizational and time management skills to manage multiple assessments, remediation efforts, and reporting requirements.
• Attention to Detail: Meticulous attention to detail to ensure accuracy in assessments, documentation, and reporting.
• Integrity and Professionalism: High level of integrity and professionalism in handling sensitive information and maintaining objectivity in assessments.

What to expect in the hiring process

• A preliminary phone call with the recruiter 
• A Panel Interview
• A case study assessment
• A behavioural and technical interview with a member of the Executive team.

Moniepoint is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.

Who we are

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.
As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Role Overview

The API & SQL Database Auditor is responsible for assessing the design, security, reliability, and compliance of application programming interfaces (APIs) and relational database systems. This role evaluates how data is accessed, processed, stored, and protected across applications, ensuring adherence to security standards, regulatory requirements, and internal controls.

Key Responsibilities 

Audit & Compliance

• Audit of Application Program Interfaces Security Controls.
• Audit REST, GraphQL, and internal APIs for governance, and compliance with organizational standards.
• Audit of Database Security Controls (e.g., MySQL, PostgreSQL, SQL Server, Oracle) for data integrity, availability, and confidentiality.
• Assess compliance with regulatory and industry frameworks (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA, GDPR).
• Evaluate API versioning, lifecycle management, and deprecation controls.

Security & Risk Assessment

• Identify risks related to authentication, authorization, rate limiting, and input validation.
• Review protection mechanisms against common threats (e.g., injection attacks, broken object-level authorization).
• Evaluate encryption practices (in transit and at rest).
• Assess secrets management for database credentials and API keys.
• Review database patching, vulnerability management, and hardening practices.

Data Governance & Integrity

• Assess data classification, retention, and deletion policies.
• Review database schema design, constraints, indexing, and referential integrity controls.
• Evaluate logging, monitoring, and audit trails for data access and changes.
• Verify segregation of duties for database administration and application access.

Process & Controls Review

• Review backup, replication, and disaster recovery processes.
• Assess performance monitoring, capacity planning, and availability controls.
• Evaluate change management processes for schema and API changes.
• Review third-party API integrations and data-sharing agreements.

Reporting & Advisory

• Document audit findings with risk ratings and evidence.
• Provide clear, actionable remediation recommendations.
• Present findings to engineering, security, and data governance stakeholders.
• Track remediation progress and validate corrective actions.
• Participates in the other regular audits in the IT Audit Plan as assigned by the Head, IT Audit.

Skills & Competencies

• SQL (analysis, permissions, schema review)
• API documentation and testing tools (Postman, Swagger/OpenAPI)
• Database security controls (roles, grants, auditing)
• Logging and monitoring solutions
• Encryption and key management concepts
• Strong analytical and investigative skills
• Ability to translate technical risks into business impact
• Clear written documentation and reporting
• Professional skepticism and attention to detail
• Ability to collaborate with engineering and security teams

Qualifications 

• Minimum of a Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or related field (or equivalent experience).
• Certifications in one or more of the following will be an added advantage - CISA, ACA, CISSP, CISM, CRISC, MICROSOFT certifications, ORACLE, etc.
• Experience: Minimum of 5 years experience in application security, database administration, software engineering, or IT audit.
• Strong understanding of RESTful APIs and SQL-based databases.
• Experience reviewing authentication and authorization mechanisms (OAuth 2.0, JWT, API keys).
• Working knowledge of SQL querying and database security concepts.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.
  

What to expect in the hiring process

• A preliminary phone call with the recruiter
• Panel interview with a Manager
• Behavioral and technical interview with an Executive team member

Who We Are

Moniepoint is Africa’s all-in-one financial ecosystem, empowering businesses and their customers with seamless payment, banking, credit, and management tools. In 2023, we processed $182 billion and are Nigeria’s largest merchant acquirer. We are on a mission to create financial happiness for everyone, everywhere.

What We Do

At Moniepoint, we are a customer-focused community dedicated to crafting solutions that redefine our industry. We leverage artificial intelligence and data-driven best practices to support our businesses, from providing credit and overdrafts to ensuring every transaction is secure.

Curious about what makes Moniepoint an incredible place to work? Check out our stories on how we cultivate a culture of innovation, teamwork, and growth.

About the role

The Data Privacy & Protection Officer will support the Compliance Team in implementing and maintaining TeamApt’s Data Protection framework in compliance with the Nigeria Data Protection Act (NDPA) 2023, GAID, and other relevant Data Privacy regulations. The role provides day-to-day oversight in monitoring Data Processing activities, handling customer privacy rights requests, conducting awareness training, and supporting privacy risk management across TeamApt’s operations.

What you’ll get to do

Compliance & Governance

• Responsible for developing, implementing, and monitoring adherence to Data Privacy policies, procedures, and controls, including NDPA 2023, CBN regulations, and NDPC directives
• Ensures that all obligations are met with respect to lawful processing, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.
• Maintain and regularly update the Record of Processing Activities (RoPA) and oversee the NDPC Data Protection Compliance Audit.

Data Subject Rights & Requests Management

• Coordinate and ensure timely, compliant responses to all Data Subject Access Requests (DSARs) and other individual rights requests.
• Manage data subject rights requests- including access, rectification, erasure, restriction, objection, and portability within statutory timelines.
• Develop and enforce the organisation's Data Protection Policy, Privacy Notice, Cookie Policy, Retention Policy, and all supporting privacy documentation.

Data Protection Impact Assessments (DPIA) & Risk Management

• Conduct and review DPIAs for new products, systems, and vendors. 
• Facilitate the identification and mitigation of Data Protection/Privacy risks and ensure technical measures are in place in collaboration with IT and Risk teams.

Training, Awareness & Capacity Building

• Execute privacy awareness campaigns and training across departments, including developing and maintaining learning materials.
• Monitor and interpret changes in Nigerian and International Data Protection laws

Third-Party Management

• Oversee third-party data processor due diligence, ensure Data Processing Agreements (DPAs) are in place with all vendors and partners, and manage ongoing compliance of processor relationships.
• Maintain the Vendor Data Processing Register and support contract reviews for privacy clauses.

Incident Management & Reporting

• Manage data breaches, maintain incident Registers and participate in post-incident reviews.
• Manage data breach response (documentation, investigation, regulatory reporting to NDPC within statutory timelines). 
• Ensure personal data elements are adequately protected within the organisation's security architecture, including encryption at rest and in transit, access controls, tokenisation of sensitive payment data, and audit logging
• Provide data protection oversight for the organisation's Business Continuity Planning (BCP) and Disaster Recovery (DR) programmes, ensuring personal data recoverability and minimised data loss objectives

Regulatory Engagement

• Prepare reports, documentation, and responses for the NDPC, and other regulators, also coordinate responses to NDPC’s notices, directives, and audits.
• Serve as a representative in all regulatory engagements with the NDPC, NITDA, NCC and other data-related matters.
• Manage and maintain all associated registrations, filings, renewals, and regulatory correspondence.

To succeed in this role, you should have experience in

• Excellent understanding of Data Privacy principles, risk management, and control frameworks.
• Familiarity with Data governance, Data lifecycle management, and financial customer data handling.
• High ethical standards and attention to detail.
• Ability to work collaboratively with cross-functional teams.
• Strong organizational and documentation skills.
• Tech savvy and familiarity with Data Governance software.
• Strong communication and report-writing skills.
• Analytical thinking and ability to spot compliance risks.
• Ability to work under supervision while taking initiative on assigned tasks.

Eligibility:

• Bachelor’s degree in Law, Information Technology, Computer Science, or related field.
• Minimum of 7–10 years of experience in Data Protection, IT GRC, Compliance, or Cybersecurity, preferably within financial services or regulated institutions.
• Professional certification like CIPP/E, CDPO or CIPM from accredited issuing bodies.
• Sound knowledge of the Nigeria Data Protection Act (NDPA 2023), NDPC Regulations, CBN IT Standards, and global Data Protection frameworks (e.g., GDPR).
• Strong analytical, communication, and stakeholder management skills

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.

What to expect in the hiring process

• A preliminary phone call with the recruiter
• A technical interview with the Hiring Manager
• A behavioural and technical interview with a member of the Executive team.

Moniepoint Inc is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.