Lead Cybersecurity Analyst

MoneyLion is a leader in financial technology powering the next generation of personalized products and content, with a top consumer finance super app, a premier embedded finance platform for enterprise businesses and a world-class media arm. MoneyLion’s mission is to give everyone the power to make their best financial decisions. We pride ourselves on serving the many, not the few; providing confidence through guidance, choice, personalization; and shortening the distance to an informed action.

In our go-to money app for consumers, we deliver curated content on finance and related topics, through a tailored feed that engages people to learn and share. People take control of their finances with our innovative financial products and marketplace - including our full-fledged suite of features to save, borrow, spend, and invest - seamlessly bringing together the best offers and content from MoneyLion and our 1,100+ Enterprise Partner network, together in one experience. MoneyLion’s enterprise technology provides the definitive search engine and marketplace for financial products, enabling any company to add embedded finance to their business, with advanced AI-backed data and tools through our platform and API. Established in 2013, MoneyLion connects millions of people with the financial products and content they need, when and where they need it.

About the Role

The Kuala Lumpur office is the technology powerhouse of MoneyLion. We pride ourselves on innovative initiatives and thrive in a fast paced and challenging environment. Join our multicultural team of visionaries and industry rebels in disrupting the traditional finance industry!

As a Lead Cybersecurity Analyst, you will be working under MoneyLion CDOC which is responsible to identify, protect, detect and respond to threats against MoneyLion. You will be responsible to understand MoneyLion’s corporate and cloud environment, identify its weaknesses and take necessary measures to correct and strengthen its security posture.

What you’ll do:

• Lead and mentor a team of cybersecurity analysts, providing guidance, training, and support to ensure the team’s effectiveness and professional growth
• Lead vulnerability assessments and security reviews to identify vulnerabilities within critical systems
• Analyze vulnerability assessment reports, triage vulnerabilities, then recommend and drive remediation/mitigation plans through a risk-based approach
• Develop and implement comprehensive security policies, procedures, and strategies to protect organizational assets. Stay informed about the latest cybersecurity trends and technologies to enhance security measures
• Ensure compliance with relevant laws, regulations, and industry standards. Perform risk assessments and develop risk mitigation strategies
• Prepare and present detailed reports on security incidents, vulnerabilities, and overall security posture to senior management. Maintain accurate documentation of security activities and incidents
• Work closely with other IT and business units to integrate security practices into daily operations and ensure alignment with organizational goals

What we’re looking for:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Advanced degree or certifications (e.g., CISSP, CISM, CISA) preferred.
• Minimum of 4 years of experience in cybersecurity roles, with at least 1 year in a leadership or supervisory position.
• Proven ability to lead and motivate a team, manage multiple projects, and drive results in a fast-paced environment.
• Strong written and verbal communication skills. Ability to convey complex security concepts to non-technical stakeholders.
• Ability to set and manage expectations with stakeholders and team members.
• Strong analytical skills and the ability to think creatively when approaching technical challenges.
• Experienced in utilizing tools to conduct vulnerability scans and recognizing security vulnerabilities.
• Strong report writing, and communication (written and verbal) skills.
• Able to accurately validate the presence of identified vulnerabilities.
• Good understanding of the latest cyber threat landscape (e.g. attack vectors, TTPs, targets, etc.) including system and application security vulnerabilities.
• Good understanding of network security architecture concepts.
• Good scripting/programming skills for automation (Python, Powershell, Bash, etc.)
• Ability to respond to immediate requests from stakeholders and assess ongoing priorities, executing with minimal direction or oversight

It’s a plus if you have:

• Experience with AWS cloud security and SIEM tooling.
• Knowledge of security defense systems (e.g. Firewall, AV, IDS, IPS, etc.).
• Knowledge of compliance frameworks (e.g., NIST, SOX, SOC2).
• GPEN/GWAPT/GCPN/OSCE/OSCP certification

What's Next...

After you submit your application, you can expect the following steps in the recruitment process:

1. Online Technical Assignment
2. Interview - Talent Acquisition Team (Virtual)
3. Interview - Hiring Manager interview (Face-to-face)

What We Value

We value growth-minded and collaborative people with high learning agility who embody our core values of teamwork, customer-first and innovation. Every member of the MoneyLion Team is passionate about fintech and ready to give 100% in helping us achieve our mission.

Working At MoneyLion

At MoneyLion, we want you to be well and thrive. Our generous benefits package includes:

• Competitive salary packages 
• Comprehensive medical, dental, vision and life insurance benefits
• Wellness perks
• Paid parental leave
• Generous Paid Time Off
• Learning and Development resources
• Flexible working hours 

MoneyLion is committed to equal employment opportunities for all employees. Inside our company, every decision we make regarding our employees is based on merit, competence, and performance, completely free of discrimination. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. Within that team, no one will feel more “other” than anyone else. We realize the full promise of diversity and want you to bring your whole self to work every single day.