Senior Application Security Engineer

Summary

Join Moniepoint Inc., Africa’s leading financial ecosystem, as a passionate Application Security Engineer. You will champion security best practices, embed application security into product lifecycles, and empower engineering teams to build secure products. Key responsibilities include acting as a security champion across product teams, designing secure solutions, promoting secure coding standards, leading vulnerability management and remediation, developing security packages, conducting penetration testing, and fostering continuous improvement through collaboration and knowledge sharing. This role requires 5+ years of hands-on experience in application security, a strong software engineering background, deep understanding of secure SDLC, proficiency in security tools and coding, and excellent communication skills. Moniepoint offers a supportive culture, learning opportunities, attractive salary, pension, health insurance, employee stock options, annual bonus, and other benefits.

Requirements

• 5+ years of hands-on experience in application security (AppSec), DevSecOps, or similar roles
• Software engineer with a keen interest in Security
• Deep understanding of secure software development lifecycle (SDLC) and first-principles of secure-by-design engineering
• Skilled in security scanning tools (e.g., SAST, DAST, SCA), incident and remediation workflows, and security automation
• Proficiency in reading and writing code for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP)
• Proven experience with pentesting or red-team engagements, identifying and exploiting application-level vulnerabilities
• Excellent communication skills, you're able to translate technical risks into actionable steps and help engineers incorporate security improvements
• Comfortable building trust as a security mentor and champion, raising security maturity across teams with patience and influence

Responsibilities

• Act as a Security Champion across product teams, influencing design and engineering decisions to prioritize security from the outset
• Design solutions that are Secure by Design, integrating threat modeling and security requirements into feature architecture and design reviews
• Promote and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to reduce vulnerabilities at the source
• Lead Vulnerability Management & Remediation, overseeing identification, risk-based triage, and tracking of remediation efforts for security issues
• Develop and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for consistent use across engineering teams
• Conduct and support Penetration Testing, both hands-on and automated to uncover vulnerabilities throughout environments, platforms, and release cycles
• Enable continuous improvement through Collaboration & Enablement, delivering security knowledge transfer, best practices, and feedback loops across teams

Preferred Qualifications

• At least 2 years of experience working in an engineering team a plus
• Contributions to security tooling/open-source projects
• OSCP, OSCE, GXPN, or similar offensive security certifications a plus
• Experience with container sec

Benefits

• Attractive salary
• Pension
• Health insurance
• Employee Stock Options
• Annual bonus