Cybersecurity Analyst in Malvern, Pennsylvania at AKUVO LLC

CYBERSECURITY ANALYST

Reports to the SVP, Enterprise Risk Management

ABOUT THE ROLE

AKUVO is looking for a Cybersecurity Analyst who wants to build a career in security, risk, and compliance from a strong foundation. This is a hands-on role for someone early in their career who is hungry to learn, willing to take ownership, and interested in how modern cybersecurity and GRC programs actually operate.

You’ll work directly with the SVP, Enterprise Risk Management, who will guide your development. You will help keep AKUVO audit-ready, support vendor security reviews, maintain risk and control documentation, track remediation activity, and help improve the workflows that make risk and compliance work more effective. Over time, once you have built trust and demonstrated sound judgment, you will be expected to own recurring processes under leadership oversight.

This is not a passive support role. It is a development role for someone who asks good questions, learns quickly, follows through, and wants to become a well-rounded security and risk professional.

WHAT YOU'LL DO

• Support the day-to-day operation of AKUVO’s governance, risk, and compliance program, including control monitoring, evidence management, risk tracking, and audit readiness.
• Help manage AKUVO’s GRC platform, including maintaining evidence, monitoring control health, and keeping compliance documentation current.
• Support compliance activities across frameworks such as SOC 2 Type II, PCI DSS, CIS 8.1, and related customer or regulatory expectations.
• Maintain risk registers, control libraries, issue logs, remediation trackers, and support documentation as reliable sources of truth.
• Track open issues, remediation items, and control gaps, including ownership, status, target dates, and whether items are closing on time.
• Assist with vendor security reviews, third-party risk assessments, and customer security questionnaire responses, with review and guidance from the SVP.
• Track regulatory, cybersecurity, and compliance developments relevant to AKUVO, our customers, and the financial technology/lending environment.
• Gather, organize, and sanity-check data used in risk assessments, compliance reporting, metrics, dashboards, and leadership updates.
• Help design and improve AI-assisted or automated workflows that reduce manual evidence collection, control reviews, reporting, and recurring compliance tasks.
• Partners across teams — product, engineering, operations, and customer-facing — to understand where risk lives and how it should be monitored.

WHAT YOU'LL BRING

• 1 to 5 years of professional experience in cybersecurity, GRC, IT, audit, risk, compliance, data, operations, financial services, or a closely related field. Around 2 to 3 years of experience is the sweet spot.
• A genuine interest in building a career in cybersecurity, risk, compliance, or enterprise risk management.
• Strong curiosity, good instincts, and a willingness to learn through coaching, feedback, and hands-on work.
• Clear written and verbal communication; you can explain a finding simply without losing the important details.
• Strong organization, attention to detail, and follow-through.
• Comfort working with data, documentation, checklists, trackers, and structured processes.
• A practical mindset: you can spot when something does not look right and are willing to dig in to understand why.
• A bachelor’s degree in information systems, cybersecurity, business, finance, data, accounting, or a related field — or a strong story for why your experience makes you fit without one.

NICE TO HAVE

• Exposure to SOC 2, PCI DSS, NIST CSF, ISO 27001, internal audit, IT audit, vendor risk, or similar compliance/risk frameworks.
• Familiarity with a GRC platform such as Vanta or a comparable tool.
• Experience supporting vendor reviews, security questionnaires, audits, evidence collection, or control testing.
• Familiarity with AI tools, scripting, reporting tools, no-code/low-code automation, or workflow automation.
• Exposure to financial services, lending, fintech, credit unions, or regulated technology environments.
• A security, audit, privacy, or risk certification in progress or completed, such as Security+, CISA, CRISC, CISM, CCSK, or similar. Certifications are a plus, not a requirement.

GROWTH PATH & MENTORSHIP

This role is designed for growth. You will work directly with the SVP, Enterprise Risk Management and receive hands-on coaching as you build judgment, technical understanding, and ownership. You will not be expected to know everything on day one. You will be expected to learn quickly, follow through, communicate clearly, and steadily take on more responsibility.

Early growth milestones include learning AKUVO’s GRC platform and evidence structure, supporting vendor and customer assurance work, taking over recurring control monitoring and remediation tracking, and eventually owning selected GRC processes under SVP oversight.

WHY AKUVO

AKUVO builds the modern collections and credit-risk platform that helps lenders work smarter. Joining AKUVO’s risk and security function means learning durable discipline while helping shape how cybersecurity, risk, and compliance work gets done in a modern, AI-enabled environment.

AKUVO is an equal opportunity employer. We serve customers across the lending industry and value the diverse perspectives that make our team stronger.