Monnai is building the world’s leading identity and risk data infrastructure, powering some of the largest global digital lenders, financial institutions, and fintech players across the U.S., LATAM, Europe, and Asia. At our core, we focus on data quality, operational performance at scale, and delivering measurable outcomes for customers.
Monnai recently raised a new $10M+ financing round and is operating from a position of strength, having reached profitability and grown revenue 5× in 2025. To date, the company has been deliberately focused on building deep technology along with strong customer engagement and high-leverage product execution.
Operating Environment & What to Expect
Monnai is a real, working business with a proven product, strong customer adoption, profitability, and rapid growth — but we are still early. Teams are lean and hands-on, processes are evolving, and priorities can shift quickly as we learn and scale. Direction is not always fully formed; clarity often needs to be created.
This role is ideal for someone who enjoys working with ambiguity, limited structure, and constant motion — and who can turn rough inputs, evolving ideas, and incomplete direction into something coherent, polished, and distinctive.
At Monnai, we operate as one team, where clarity, customer impact, creativity, and long-term value creation come first. Success isn’t measured by features shipped — it’s measured by whether customers and prospects get real value, are compelled to test the platform, and expand usage over time.
What This Role Is About
We are looking for a Privacy & Security Analyst to help build and scale Monnai’s privacy and security posture as we expand across regions, customer segments, and regulated environments. This is a core role supporting how we protect customer data, manage risk, and maintain compliance with global privacy and security standards.
Monnai operates in a trust-critical domain where security and privacy are directly tied to customer confidence and business growth. This role is ideal for someone who is highly detail-oriented, thinks systematically about risk, and is motivated by building strong programs, controls, and processes — while also being hands-on with reviews, monitoring, and audits.
You will work closely with Engineering, Product, Data, Legal, and Customer teams to ensure privacy and security are embedded into product development, operations, and customer engagement.
What You’ll Do
Privacy Program & Compliance Support
- Support development and execution of Monnai’s privacy program across global standards and regional regulations.
- Help drive compliance readiness for frameworks such as SOC 2, ISO 27001, and privacy requirements such as GDPR, and other relevant regional laws.
- Maintain privacy documentation such as data inventories, processing activities, and retention policies.
- Partner with Legal and Product teams to support customer compliance questions and due diligence requests.
Security Controls & Risk Management
- Assist with implementing and tracking security controls across systems, vendors, and internal operations.
- Conduct risk assessments and work with teams to define mitigation strategies.
- Support vendor risk evaluations and third-party security assessments.
- Help identify gaps in security posture and propose improvements aligned with best practices.
Security Monitoring & Incident Support
- Support security monitoring activities including alerts, triage workflows, and investigation procedures.
- Help maintain incident response playbooks and support incident handling processes as needed.
- Coordinate post-incident reviews and ensure remediation tasks are tracked and closed.
Policy, Process, and Documentation
- Help create and maintain security and privacy policies, procedures, and control documentation.
- Track evidence collection and audit readiness for customer and certification audits.
- Support awareness training, compliance adoption, and internal communications.
Cross-Functional Partnership
- Work closely with Engineering and DevOps teams to ensure secure-by-design development practices.
- Support privacy-by-design reviews for new product features and data flows.
- Partner with Customer teams to support enterprise security questionnaires, customer audits, and security disclosures.
Who You Are
- 2–6+ years of experience in privacy, security, compliance, risk, or related governance roles.
- Strong foundational knowledge of security controls, risk frameworks, and privacy principles.
- Familiarity with compliance standards such as SOC 2, ISO 27001, and privacy regulation concepts such as GDPR.
- Experience working with security policies, audits, access controls, and vendor risk processes.
- Comfortable working with logs, internal tools, security alerts, and evidence gathering workflows.
- Strong documentation skills with high attention to detail — you can turn messy inputs into structured, audit-ready outputs.
- Strong communication skills and the ability to coordinate across Engineering, Legal, and Product teams.
- Ability to operate effectively in fast-paced environments with limited structure and evolving priorities.
Preferred Qualifications
- Experience supporting SOC 2 / ISO 27001 audits end-to-end (evidence collection, control mapping, auditor responses).
- Familiarity with data classification, encryption, access control models, secrets management, and cloud security concepts.
- Experience working with security tools (SIEM, vulnerability scanners, endpoint tools) and risk tracking tools.
- Experience supporting privacy impact assessments (PIAs) or security risk assessments.
- Exposure to fintech, identity, risk, fraud, or compliance-heavy industries.
