Senior Application Security Engineer at Moniepoint Incorporated – Remote

April 30, 2026
Apply Now

Job Description

A leading fintech company, Moniepoint Incorporated, is hiring a Senior Application Security Engineer to drive secure software development practices and strengthen application security across its platforms. This role involves working closely with engineering teams to embed security into development processes, conduct threat modeling, and lead security innovation efforts.

Key Responsibilities

  • Define and implement application security strategies aligned with business goals
  • Conduct threat modeling, security architecture reviews, and provide secure design guidance
  • Perform manual and automated code reviews across Java, Python, JavaScript, and cloud environments
  • Develop and implement security automation tools to improve vulnerability detection
  • Identify security risks through penetration testing and offensive security techniques
  • Collaborate with engineering teams to integrate security into CI/CD pipelines
  • Lead incident response for application security issues and conduct root cause analysis
  • Mentor engineers and promote best practices in secure software development

Requirements

  • Minimum of 5 years experience in application security, including at least 2 years in a senior or leadership role
  • Strong expertise in threat modeling methodologies such as STRIDE or PASTA
  • Hands-on experience with penetration testing and secure SDLC implementation
  • Proficiency in reviewing code written in Java, Python, and JavaScript
  • Experience working with cloud platforms such as AWS, Azure, or GCP
  • Ability to build security tools using languages like Python or Go
  • Strong understanding of security frameworks such as OWASP and NIST
  • Excellent communication skills with the ability to translate technical risks into business impact

Preferred Qualifications

  • Certifications such as OSCP, OSCE, GXPN, or similar
  • Experience contributing to open-source security tools or projects
  • Knowledge of container security (Docker, Kubernetes) or infrastructure-as-code
  • Experience handling advanced security threats or zero-day vulnerabilities