Cybersecurity Analyst

About The Position

Requirements

• 1 to 5 years of professional experience in cybersecurity, GRC, IT, audit, risk, compliance, data, operations, financial services, or a closely related field. Around 2 to 3 years of experience is the sweet spot.
• A genuine interest in building a career in cybersecurity, risk, compliance, or enterprise risk management.
• Strong curiosity, good instincts, and a willingness to learn through coaching, feedback, and hands-on work.
• Clear written and verbal communication; you can explain a finding simply without losing the important details.
• Strong organization, attention to detail, and follow-through.
• Comfort working with data, documentation, checklists, trackers, and structured processes.
• A practical mindset: you can spot when something does not look right and are willing to dig in to understand why.
• A bachelor’s degree in information systems, cybersecurity, business, finance, data, accounting, or a related field — or a strong story for why your experience makes you fit without one.

Nice To Haves

• Exposure to SOC 2, PCI DSS, NIST CSF, ISO 27001, internal audit, IT audit, vendor risk, or similar compliance/risk frameworks.
• Familiarity with a GRC platform such as Vanta or a comparable tool.
• Experience supporting vendor reviews, security questionnaires, audits, evidence collection, or control testing.
• Familiarity with AI tools, scripting, reporting tools, no-code/low-code automation, or workflow automation.
• Exposure to financial services, lending, fintech, credit unions, or regulated technology environments.
• A security, audit, privacy, or risk certification in progress or completed, such as Security+, CISA, CRISC, CISM, CCSK, or similar. Certifications are a plus, not a requirement.

Responsibilities

• Support the day-to-day operation of AKUVO’s governance, risk, and compliance program, including control monitoring, evidence management, risk tracking, and audit readiness.
• Help manage AKUVO’s GRC platform, including maintaining evidence, monitoring control health, and keeping compliance documentation current.
• Support compliance activities across frameworks such as SOC 2 Type II, PCI DSS, CIS 8.1, and related customer or regulatory expectations.
• Maintain risk registers, control libraries, issue logs, remediation trackers, and support documentation as reliable sources of truth.
• Track open issues, remediation items, and control gaps, including ownership, status, target dates, and whether items are closing on time.
• Assist with vendor security reviews, third-party risk assessments, and customer security questionnaire responses, with review and guidance from the SVP.
• Track regulatory, cybersecurity, and compliance developments relevant to AKUVO, our customers, and the financial technology/lending environment.
• Gather, organize, and sanity-check data used in risk assessments, compliance reporting, metrics, dashboards, and leadership updates.
• Help design and improve AI-assisted or automated workflows that reduce manual evidence collection, control reviews, reporting, and recurring compliance tasks.
• Partners across teams — product, engineering, operations, and customer-facing — to understand where risk lives and how it should be monitored.