Vunerability Management Engineer

Who we are

Moniepoint is a financial technology company digitizing Africa’s real economy by building a financial ecosystem for businesses, providing them with all the payment, banking, credit, and business management tools they need to succeed.

Location: Lagos/Remote

Department: Information Security

Reports To: Security Operations Manager

Job Summary

We are seeking a proactive and detail-oriented Vulnerability Management Engineer to join our Information Security team. The Vulnerability Management Engineer will be responsible for identifying, analyzing, and managing vulnerabilities within our IT infrastructure and applications. The ideal candidate will have a strong technical background in vulnerability assessment, risk management, and remediation strategies.

Key Responsibilities:

Vulnerability Identification and Assessment:

• Conduct regular vulnerability scans and assessments on networks, systems, and applications.
• Analyze scan results to identify vulnerabilities and potential risks.
• Classify vulnerabilities based on severity and potential impact on the organization.

Remediation and Mitigation:

• Collaborate with IT and development teams to prioritize and remediate identified vulnerabilities.
• Develop and implement mitigation strategies to address vulnerabilities in a timely manner.
• Track and report on the status of remediation efforts to ensure timely resolution.

Risk Management:

• Perform risk assessments to evaluate the potential impact of vulnerabilities on the organization.
• Develop risk mitigation plans and work with stakeholders to implement them.
• Continuously monitor and reassess the risk landscape to adjust mitigation strategies as needed.

Security Tools and Technologies:

• Manage and maintain vulnerability management tools and platforms.
• Stay updated on the latest vulnerability management tools and technologies.
• Develop custom scripts and tools to enhance vulnerability management processes.

Compliance and Standards:

• Ensure vulnerability management practices comply with relevant regulations and standards such as PCI-DSS, ISO 27001, and NIST.
• Contribute to the development and maintenance of security policies and procedures.
•  Assist in audits and assessments related to vulnerability management.

Reporting and Documentation:

• Create detailed reports on vulnerability findings, remediation efforts, and overall security posture.
• Communicate vulnerability status and risks to technical and non-technical stakeholders.
• Maintain accurate and up-to-date documentation of vulnerability management activities.

Continuous Improvement:

• Stay current with the latest cybersecurity threats, vulnerabilities, and trends.
• Continuously evaluate and improve vulnerability management processes and practices.
• Participate in security-related training and development activities.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered.
• Minimum of 3 years of experience in vulnerability management, security engineering, or a related field.
• Proven experience with vulnerability scanning tools and platforms.
• Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
• In-depth knowledge of vulnerability assessment and management methodologies.
• Proficiency with vulnerability scanning tools such as Nessus, Qualys, and Rapid7.
• Strong understanding of network and application security principles.
• Experience with scripting and programming languages such as Python, Ruby, or Bash.
• Excellent analytical and problem-solving skills.
• Strong communication and reporting skills.
• Ability to work independently and as part of a team.

What we can offer you

• Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning – We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation – You’ll receive an attractive salary, pension, health insurance, annual bonus, plus other benefits.

What to expect in the hiring process

• A preliminary phone call with the recruiter
• A technical interview with a Lead in our Engineering Team
• A behavioural and technical interview with a member of the Executive team. 
• Offer

Moniepoint is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.