[Hiring] Security Analyst (Vulnerability Management) @Moniepoint

Role Description

We are seeking a motivated and detail-oriented Vulnerability Management Engineer to join our Information Security team. This role is responsible for executing key functions across the vulnerability management lifecycle - from discovery and assessment to remediation tracking and reporting - to enhance the organization’s overall security posture. This is an entry-level role designed for candidates looking to build hands-on experience in vulnerability management, working closely with senior security engineers, IT teams, and product teams.

Key Responsibilities

• Vulnerability Discovery and Assessment
  • Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms.
  • Conduct periodic scans to support compliance requirements.
  • Perform External Attack Surface Assessments on internet-facing assets.
  • Assist in validating scan results and identifying false positives.
• Analysis, Prioritization, and Reporting
  • Analyze Vulnerability scan results to identify security gaps and potential threats.
  • Prioritize Vulnerability scan report based on risk severity and business impact.
  • Report findings to asset owners and relevant stakeholders for timely remediation.
• Remediation and Tracking
  • Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs).
  • Track remediation progress and follow up on outstanding vulnerabilities.
  • Support implementation of mitigation strategies where immediate remediation is not possible.
• Risk Management
  • Assist in performing risk assessments related to identified vulnerabilities.
  • Support documentation of risks and contribute to mitigation planning.
  • Maintain awareness of evolving risk posture across systems.
• Security Tools and Technologies
  • Support the operation and maintenance of vulnerability management tools.
  • Assist in scan configuration, execution, result interpretation and reporting.
• Compliance and Standards
  • Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST.
  • Assist with audit preparation, including evidence gathering and documentation.
  • Ensure scanning and remediation practices meet compliance requirements.
• Reporting and Metrics
  • Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance.
  • Maintain accurate records of vulnerabilities, remediation status, and scan history.
  • Communicate findings clearly to both technical and non-technical stakeholders.
  • Suggest improvements to scanning, reporting, and remediation workflows.
• Support Incident Response & Threat Intelligence Units
  • Assist in Incident Response tasks and post-incident analysis when needed.
  • Assist in Threat Intelligence tasks from internal and external sources when needed.
  • Track emerging threats, vulnerabilities, and tactics used by relevant threat actors.
  • Contribute to threat briefings and recommendations for security controls.
• Continuous Learning and Improvement
  • Stay current with emerging vulnerabilities, threats, and cybersecurity trends.
  • Participate in training, labs, and knowledge-sharing sessions.
  • Continuously develop technical skills in security tools and methodologies.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.
• Good understanding of vulnerability management lifecycle, vulnerability scanning/patch management tools, SIEM, EDR, CSPM is an advantage.
• Understanding of networking fundamentals, operating systems, and cloud concepts.
• Strong analytical and problem-solving skills.
• Ability to work collaboratively and willingness to learn.

Preferred (Nice to Have)

• Entry-level certifications such as CompTIA Security+, ISC2 (CC), BTL1, eJPT.
• Familiarity with Linux/Windows environments and cloud platforms (AWS, or GCP).
• Hands-on lab, internship, or project experience in security operations or vulnerability assessment.

Benefits

• Culture - We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
• Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
• Compensation - You’ll receive an attractive salary, pension, health insurance, Employee Stock Options, annual bonus, plus other benefits.

What to expect in the hiring process

• A preliminary phone call with the recruiter.
• A technical interview with a Team Lead.
• A behavioural and technical interview with a member of the Executive team.