Who we are

Moniepoint Inc. is Africa’s all-in-one financial ecosystem, helping 10 million businesses and individuals access seamless payments, banking, credit, and business management tools since 2019.

As Nigeria’s largest merchant acquirer, it powers most of the country’s Point of Sale (POS) transactions. Through its subsidiaries, Moniepoint Inc. processes $22 billion monthly for its customers while operating profitably.

Curious about what makes Moniepoint an incredible place to work?
Check out posts on how we cultivate a culture of innovation, teamwork, and growth.

About the role

We are seeking a detail-oriented and analytically rigorous Security & Technology Risk
Analyst to join our Information Security Assurance Team at Moniepoint. In this role, you will be
instrumental in identifying, monitoring, and reporting on security and technology operational

risks across our fintech ecosystem. You will translate complex risk data into actionable
intelligence that enables executive leadership to make informed strategic decisions while
ensuring our organization maintains the highest standards of regulatory compliance and

operational resilience.
As a financial technology company, trust and security are foundational to our brand. Your work
directly contributes to Moniepoint's ability to safely expand into new markets, launch innovative
products, and maintain the confidence of our customers and stakeholders.

Key Responsibilities:

Conduct comprehensive risk assessments across security and technology domains
(cloud, network, infrastructure, product, endpoint, third-party) using NIST Risk
Management Framework, FAIR methodology, and qualitative/quantitative analysis
methods.

● Perform Business Impact Analysis (BIA) on critical systems to determine Recovery Time
Objectives (RTO) and Recovery Point Objectives (RPO), collaborating with process
owners to validate findings and maintain documentation as business operations evolve.

● Administer and maintain the security risk register with current and historical records,
ensuring comprehensive documentation and audit evidence for regulatory examinations
and internal/external audits.

● Guide development and documentation of risk treatment plans aligned with enterprise
risk appetite, collaborating with cross-functional stakeholders (Engineering, Legal,
DevOps, IT, Security) on prioritization, execution strategies, and integration into product
development and operational processes.

● Track and validate execution of risk treatment plans, monitoring completion rates,
escalating delays, and ensuring residual risk remains within tolerance levels while
adjusting plans as needed based on mitigation and remediation progress.

● Design and maintain quantifiable risk metrics across exposure measurement, control
effectiveness assessment, and risk treatment progress tracking for executive
decision-making, with continuous monitoring against organizational risk appetite thresholds via real-time dashboards and reporting.

● Analyze emerging threats and regulatory changes to proactively surface new risks and
support strategic initiatives including market expansion and new product launches.

● Ensure all security and technology risk management activities adhere to applicable
financial regulations, industry standards, and relevant frameworks (ISO 27001, SOC 2,
PCI-DSS, NDPA, NIST, FAIR).

● Support security teams in evaluating third-party and vendor risks, ensuring alignment
with organizational security standards and conducting ongoing risk assessments as part
of the vendor management program.

● Communicate risk findings, assessments, and recommendations in business-relevant terms to stakeholders at all levels, translating technical risk concepts into actionable
intelligence for executive leadership and operational teams.

Required Qualifications

● Bachelor's degree in Computer Science, Information Security, Risk Management,
Engineering, or related field.

● 5+ years of professional experience in operational risk management, cybersecurity risk, or technology risk assessment.

● Demonstrated experience conducting risk assessments, threat analysis, or vulnerability
management.

● Experience developing risk metrics, KPIs, or dashboards for executive audiences.

● Familiarity with risk management frameworks (e.g., NIST Cybersecurity Framework, ISO
27001 or similar)

● Experience in financial services, fintech, or regulated industries preferred.

● Proficiency in risk assessment methodologies and qualitative/quantitative analysis

● Knowledge of business continuity and disaster recovery planning principles

Preferred Qualifications

● Professional certifications: CISM, CRISC, or equivalent risk/security certification.

● Experience with fintech, banking, or other highly-regulated industries

What to expect in the hiring process

• A preliminary phone call with the recruiter
  
• A Panel Interview
• A behavioural and technical interview with a member of the Executive team.

Moniepoint is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and candidates.