Threat Intelligence & Vulnerability Management Analyst

Posted 9 Hours Ago
Be an Early Applicant
Lagos, Lagos Island, Lagos, NGA
Hybrid
Junior
Fintech • Payments • Software • Financial Services
The Role
Identify, analyze, and mitigate cybersecurity threats and vulnerabilities across infrastructure, applications, cloud, and third parties. Conduct threat hunting, manage vulnerability assessments and penetration testing coordination, track remediation, support GRC compliance (ISO, PCI, CBN frameworks), produce metrics and reports, and advise stakeholders on risk and security improvements.
Summary Generated by Built In

Duplo is a Lagos-based fintech startup that enables businesses in Africa to automate their spend management, simplify cross-border payments, and control business finances all on one platform.

We want to make B2B payments as simple as P2P payment apps. Most business payments in Africa are made offline….yikes. We are on a mission to transform this. We are backed by top investors including Tribe Capital, Commerce Ventures, Liquid2 Ventures, My Asia VC, Soma Capital, YCombinator, Oui Capital, and others.

This is a unique opportunity. You'll have the responsibility and resources to take a significant part in the creation of a paradigm-changing product that will impact millions.

The Threat Intelligence & Vulnerability Management Analyst is responsible for identifying, analyzing, and mitigating cybersecurity threats and vulnerabilities across the organization’s technology landscape. The role combines technical cybersecurity operations with Governance, Risk, and Compliance (GRC) capabilities to ensure vulnerabilities, emerging threats, and security risks are proactively managed in alignment with regulatory requirements, industry standards, and organizational risk appetite.
We are looking for a Threat Intelligence & Vulnerability Management Analyst (Contract) who will support cyber threat intelligence operations, vulnerability assessments, penetration testing coordination, remediation tracking, risk reporting, compliance monitoring, and security governance initiatives across infrastructure, applications, cloud environments, and third-party ecosystems.

Responsibilities:

Threat Intelligence Management

  • Monitor and analyze cyber threat intelligence feeds, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs).
  • Conduct threat hunting activities and provide actionable intelligence to relevant stakeholders.
  • Track emerging cyber threats, ransomware campaigns, vulnerabilities, and attack trends relevant to the financial sector.
  • Produce threat intelligence advisories, alerts, and situational awareness reports.
  • Collaborate with SOC, Incident Response, and Engineering teams during security investigations and incidents.

Vulnerability Management

  • Conduct vulnerability assessments across servers, endpoints, databases, applications, cloud, and network devices.
  • Coordinate periodic penetration testing and remediation activities.
  • Validate remediation actions and ensure closure of identified vulnerabilities within agreed timelines.
  • Maintain vulnerability dashboards, risk registers, and remediation trackers.
  • Analyze vulnerability trends and provide risk-based recommendations to management.
  • Ensure timely patch management coordination with infrastructure and application teams.

Governance, Risk & Compliance (GRC)

  • Support compliance with regulatory and industry requirements, including CBN Cybersecurity Framework, NDPC, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20001, and PCI DSS.
  • Perform cyber risk assessments and control effectiveness reviews.
  • Assist in policy development, control reviews, and cybersecurity governance reporting.
  • Maintain risk registers, exception registers, and compliance evidence repositories.
  • Support internal and external audits, regulatory examinations, and compliance reviews.

Security Monitoring & Reporting

  • Develop and maintain cybersecurity metrics, dashboards, and executive reports.
  • Monitor vulnerability remediation SLA compliance.
  • Provide periodic reports on cyber risks, threat exposure, and compliance posture.
  • Support continuous improvement of cybersecurity controls and operational resilience.

Stakeholder Engagement

  • Work closely with IT Engineering, DevOps, Risk & Compliance teams.
  • Provide security advisory support for projects, system upgrades, and digital transformation initiatives.
  • Conduct awareness sessions on cyber threats and vulnerability management best practices. 

Requirements:

  • Bachelor’s Degree in Computer Science, Information Security, Cybersecurity, Information Technology, Engineering, or related discipline.
  • Relevant certifications such as CEH, Security+, CySA+, CTIA, CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Auditor, COBIT 2019 Foundation, or CGRC are preferred.
  •  Minimum of 2-3 years’ experience in cybersecurity operations, vulnerability management, threat intelligence, and GRC.
  • Experience within banking, fintech, telecommunications, or highly regulated industries is an advantage. 
  • Strong knowledge of cybersecurity principles, including threat intelligence, vulnerability management, incident response, SIEM tools, cloud security fundamentals, security governance, and regulatory compliance. 
  • Strong knowledge of cybersecurity principles, including threat intelligence, vulnerability management, incident response, SIEM tools, cloud security fundamentals, security governance, and regulatory compliance.
  • Ability to analyze security risks, solve problems, communicate effectively, collaborate with stakeholders, maintain confidentiality, and demonstrate strong attention to detail and continuous learning.
  • Excellent analytical thinking/problem solving skills
  • Excellent communication and reporting skills

Skills Required

  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, IT, Engineering, or related discipline
  • Minimum of 2-3 years' experience in cybersecurity operations, vulnerability management, threat intelligence, and GRC
  • Knowledge and hands-on use of SIEM tools and threat intelligence feeds
  • Experience conducting vulnerability assessments and coordinating penetration testing and remediation
  • Familiarity with cloud security fundamentals and patch management coordination
  • Support for regulatory compliance including CBN Cybersecurity Framework, NDPC, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20001, PCI DSS
  • Relevant certifications such as CEH, Security+, CySA+, CTIA, CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Auditor, COBIT, CGRC
  • Experience within banking, fintech, telecommunications, or other regulated industries
  • Strong analytical thinking, problem solving, communication, and reporting skills
  • Ability to maintain confidentiality, collaborate with stakeholders, and support audits and compliance reviews
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Santa Ana, CA
64 Employees
Year Founded: 2021

What We Do

Duplo helps businesses seamlessly navigate the complexities of local and international payments, expense management, and foreign exchange. Rooted in Africa but built for global commerce, Duplo empowers businesses to streamline financial operations and thrive in today's fast-paced, interconnected economy, grow their global footprint, and capitalize on the growth of emerging markets. Our platform offers a comprehensive, end-to-end solution for businesses to better manage their financial operations and local and international payments. Our expense management tools enable finance teams to easily handle approvals, manage reimbursements, submit receipts, calculate taxes, and generate accurate reports—enabling businesses to automate their workflows and reduce errors. We also offer multi-currency wallets, allowing businesses to negotiate, exchange, and send multiple currencies in one place, making international transactions and cross-border trade between Africa, Asia, and other regions more efficient. Our AI-powered platform brings a new level of fraud detection to spend management, flagging unusual expenses and ensuring consistency. Additionally, our direct debit functionality allows businesses to manage payments directly from their bank accounts or their existing ERP solutions, creating a seamless payment experience. What sets Duplo apart is our comprehensive end-to-end finance operations and payments platform, creating a two-sided network that connects buyers and suppliers. Backed by licenses such as PSSP, FINTRAC, FINCEN 2025, and IMTO, Duplo ensures secure and compliant transactions across countries. As an early mover with experienced leadership, Duplo is positioned to deliver the tools businesses need to thrive in today’s interconnected world. With Duplo, businesses can take control of their financial operations and payments, eliminate errors and inefficiencies, and unlock new opportunities for growth.

Similar Jobs

Alpha Mead Group Logo Alpha Mead Group

Admin/Accounts Officer (Port-Harcourt)

Professional Services • Real Estate • Consulting • PropTech
In-Office
Lagos, NGA
750 Employees
In-Office
Victoria Island, Lagos, NGA

Jobberman Logo Jobberman

Relationship Associate

HR Tech • Professional Services • Consulting
In-Office
Lagos, Lagos Island, Lagos, NGA
750 Employees

Jobberman Logo Jobberman

Telesales Associate

HR Tech • Professional Services • Consulting
In-Office
Lagos, Lagos Island, Lagos, NGA
750 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account