Application Security Engineer

Talentsafari Remote Today

engineering

About Paystack

Paystack’s mission is to help merchants in Africa get paid by anyone, anywhere in the world. Tens of thousands of notable corporations and businesses in Africa use Paystack’s modern payments infrastructure, including MTN, Bolt, Domino’s Pizza, Smile Communications, AXA Mansard Insurance, and many others.

Within over 9 years, our close-knit team has introduced a steady cadence of innovations within the African Payment space, such as automated recurring payments, the ability for customers to pay with only a bank account, automated chargebacks, and much more. We process well over $300 million in transactions monthly, and our double-digit growth has us processing even more every month.

We’ve pioneered a new era of simple, powerful technology tools for businesses in Africa, and as we prepare for a period of accelerated growth, we’re looking to you to help build a solid foundation upon which we can support some of the continent’s best-performing businesses.

At Paystack, we believe that we will win by recruiting talented people and giving them the space, resources, and support to do the best work of their lives. We hire the most capable people, treat them with genuine respect, and give them the means to succeed. And we’d love your help!

As a leader of the Information Security function at Paystack, you will contribute to the business by presenting your technical expertise with a balanced approach to communication and a bias for action. You will be required to work with our leadership teams at all levels of the company to drive solutions that impact our platform for the good of Paystack and ultimately, our customers and stakeholders. You will leverage your experience across various tools and processes to establish policies and standards across the company.

What you’ll do

We're looking for an intermediate Application Security Engineer to join our Information Security Team. This is your chance to play a critical role in securing Paystack's rapidly growing fintech platform and ensuring that our customers' trust remains unwavering.

You'll work closely with our Engineering, DevOps, and Product teams to safeguard our applications from design to deployment. From penetration testing and vulnerability management to building a culture of secure development, you'll be the expert who ensures security is embedded into everything we build.

If you're passionate about protecting systems, love a technical challenge, and thrive in a fast-paced, collaborative environment — this role was made for you.

Job Responsibilities

As an Application Security Engineer/Analyst, you will be a key contributor to our security posture, working closely with engineering and product teams.

Your responsibilities will include:

Application Security Testing: Conduct web and mobile application security assessments and API security testing. Perform threat modelling, secure code reviews, and attack surface analysis. Support SAST and DAST initiatives.
Vulnerability Management: Assist in managing the vulnerability lifecycle. Coordinate internal and external security assessments, ensuring proper scoping and timely delivery. Track and report on remediation progress.
Secure Development Lifecycle (SDLC) Integration: Ensure secure coding practices are followed. Collaborate with developers, testers, and business analysts to provide proactive security guidance during development sprints. Contribute to security frameworks, checklists, and guidelines (aligned with OWASP, NIST, MITRE). Work on DevSecOps testing and protective controls.
Incident Response Support: Assist in the investigation and resolution of application security incidents. Contribute to post-incident analysis and implement preventative measures.
Continuous Improvement & Innovation: Stay informed about cybersecurity trends, emerging threats, and attack vectors. Research and contribute to the implementation of innovative security solutions. Identify process improvements to enhance the efficiency and effectiveness of security assessments.

Who You Are

A few things we expect you should have to be able to meet the demands of the role include:

Minimum 3 years in application security, IT security, or software development with a security focus
Hands-on experience with penetration testing, vulnerability assessments, and secure code reviews
Proven experience with SAST, DAST, and threat modelling frameworks
Practical knowledge of secure software development practices (OWASP Top 10, CWE)
Hands-on development experience or scripting ability (Python, JavaScript, Bash)
Strong understanding of web application security, API security, and cloud security concepts (AWS, Azure, or GCP)
Understanding of DevSecOps principles and CI/CD security integration
Excellent communication skills with the ability to explain complex security concepts to technical and non-technical audiences
Collaborative mindset with the ability to work cross-functionally

Benefits

Competitive compensation package and benefits
Stripe Equity compensation
Full medical coverage
Wellbeing stipend
Generous leave and sabbatical policies
Hybrid working environment
Smart, kind colleagues who’re invested in your growth.

Paystack is an equal opportunity employer and prohibits discrimination and harassment of any kind. We’re committed to providing employees with a work environment that is progressive and open-minded.

Our employment philosophy is to hire the best people and empower them to do the best work of their lives. Employment decisions are based on business needs and individual merit without regard to race, colour, religion, ethnicity, sexual orientation, nationality, marital status, gender or age.