Security – Technology Risk Analyst
Moniepoint Inc. (Formerly TeamApt Inc.)
full-time
Posted on:
Location Type: Remote
Location: Nigeria
Visit company websiteExplore more
Tech Stack
About the role
- Conduct comprehensive risk assessments across security and technology domains (cloud, network, infrastructure, product, endpoint, third-party) using NIST Risk Management Framework, FAIR methodology, and qualitative/quantitative analysis methods.
- Perform Business Impact Analysis (BIA) on critical systems to determine Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), collaborating with process owners to validate findings and maintain documentation as business operations evolve.
- Administer and maintain the security risk register with current and historical records, ensuring comprehensive documentation and audit evidence for regulatory examinations and internal/external audits.
- Guide development and documentation of risk treatment plans aligned with enterprise risk appetite, collaborating with cross-functional stakeholders (Engineering, Legal, DevOps, IT, Security) on prioritization, execution strategies, and integration into product development and operational processes.
- Track and validate execution of risk treatment plans, monitoring completion rates, escalating delays, and ensuring residual risk remains within tolerance levels while adjusting plans as needed based on mitigation and remediation progress.
- Design and maintain quantifiable risk metrics across exposure measurement, control effectiveness assessment, and risk treatment progress tracking for executive decision-making, with continuous monitoring against organizational risk appetite thresholds via real-time dashboards and reporting.
- Analyze emerging threats and regulatory changes to proactively surface new risks and support strategic initiatives including market expansion and new product launches.
- Ensure all security and technology risk management activities adhere to applicable financial regulations, industry standards, and relevant frameworks (ISO 27001, SOC 2, PCI-DSS, NDPA, NIST, FAIR).
- Support security teams in evaluating third-party and vendor risks, ensuring alignment with organizational security standards and conducting ongoing risk assessments as part of the vendor management program.
- Communicate risk findings, assessments, and recommendations in business-relevant terms to stakeholders at all levels, translating technical risk concepts into actionable intelligence for executive leadership and operational teams.
Requirements
- Bachelor's degree in Computer Science, Information Security, Risk Management, Engineering, or related field.
- 3-5 years of professional experience in operational risk management, cybersecurity risk, or technology risk assessment.
- Demonstrated experience conducting risk assessments, threat analysis, or vulnerability management.
- Experience developing risk metrics, KPIs, or dashboards for executive audiences.
- Familiarity with risk management frameworks (e.g., NIST Cybersecurity Framework, ISO 27001 or similar)
- Experience in financial services, fintech, or regulated industries preferred.
- Proficiency in risk assessment methodologies and qualitative/quantitative analysis
- Knowledge of business continuity and disaster recovery planning principles
Benefits
- Health insurance
- 401(k) matching
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
risk assessmentsNIST Risk Management FrameworkFAIR methodologyBusiness Impact Analysisrisk treatment plansrisk metricsqualitative analysisquantitative analysisvulnerability managementdisaster recovery planning
Soft Skills
collaborationcommunicationdocumentationstakeholder engagementanalytical thinkingproblem-solvingexecutive communicationprioritizationadaptabilitystrategic thinking
Certifications
ISO 27001SOC 2PCI-DSSNISTFAIR