Information Security Analyst

Job Location: The Campus, Pun Hlaing Estate, Hlaing Thar Yar Township, Yangon.

Working Hours: 8:30 AM to 4:30 PM, (Monday to Friday)

Position Purpose

Information Security Analyst will be responsible for ensuring that Wave Money IT Infrastructure and Sensitive Information are protected in a secured manner. This role focuses on ensuring that Wave Money’s digital assets are protected securely and will play an important role in driving Information & Cyber Security transformation of Wave Money.

Key Result Areas
  • Assist in maturing Vulnerability Assessment and Security Testing process of the organization.
  • Assist in developing the Information Security program of the organization, tracking the progress and coordination between stakeholders and counterparts.
  • Assess the security exposure of Wave Money’s Digital Assets including, but not limited to, Wave Money’s sensitive information, systems and products.
  • Involve Security Monitoring and Incident Handling, Threat Hunting
Key Responsibilities
  • Review and monitor Security Access and Systems
  • Keep tracking on the latest cyber threats and advise proactive controls upon business impact assessment
  • Perform threat hunting activities based on realistic industrial hypothesis
  • Keep up with the latest vulnerabilities and malware outbreaks proactively to improve security readiness
  • Respond proactively in Security Incident Response from detection to closure.
  • Perform post-mortem on security breaches and incidents to identify the root cause and preventive actions
  • Conduct vulnerability assessments and penetration testing and risk analysis of DMM IT Infrastructure, sensitive information, products and digital assets
  • Perform both internal and external security audits
  • Maintain knowledge of adversary tactics, techniques, and procedures (TTP)
  • Develop automation tools to support security testing tasks
  • Take part in source code reviews and architecture discussions when needed
  • Review third-party vendors’ security and work with them to meet internal requirements
  • Provide ad-hoc security reporting and analysis
  • Work on Information security tasks assigned as required by the Organization
  • Contribute to team by accomplishing related results as needed.
Key Stakeholders

Stakeholders/Counterparts to communicate, coordinate and get in touch for Information & Cyber Security matters

Key Performance and Success Indicators
  • Self-Performance
  • Self-Discipline
  • Result-based Improvement
  • Security Posture of the organization’s IT Infrastructure 
Competencies
  • Detailed Oriented
  • Analytical Mindset
  • Communications
  • Organization development

Experience, Functional Skills and Knowledge Areas

  • Experiences: Minimum 2 years hands-on experience as an Information Security Analyst, Penetration Tester, Red Team Operator or similar role
  • Education and qualifications: Bachelor’s Degree in Computer Science or Technology; Professional certifications such as OSCP, CPTS, PNPT, CRTP, CRTE, and/or CREST certifications are highly preferred

Functional skills and knowledge areas:

  • Strong understanding of ethical hacking methodologies, vulnerability management, intrusion detection/prevention, and incident response
  • Hands-on experience in penetration testing of APIs, mobile and web applications, networks, and cloud environments
  • Familiarity with common security testing frameworks and tools (e.g., Burp Suite, Metasploit, Nmap, Frida, Objection, MobSF, etc.)
  • Experience with scripting and automation (e.g., Python, Bash) for tool development and process optimization
  • Knowledge of security monitoring tools and techniques
  • Exposure to threat modeling, MITRE ATT&CK framework, and red team methodologies
  • Ability to track the vulnerability advisories and remediation status.
  • Experience in secure architecture review, source code analysis, and regulatory compliance assessments
  • Ability to clearly communicate technical findings and recommendations to both technical and business audiences
  • Previous experience in financial services or fintech environments is a strong plus

Benefits

– Medical, Life Insurance
– Mobile Usage allowance
– Ferry
– Other benefits including Company Bonus

Highlights

– Myanmar’s First Mobile Financial Services Provider
– International Working Environment

Career Opportunities

– Growing organization
– Develop your career

More Opportunities

Head of Risk
Head of Risk

Head of Risk role is responsible to support the Chief Risk & Compliance Officer in the implementation of Wave Money’s Risk Management and Compliance Frameworks in the business, strengthening the risk and compliance culture in the organization, and supporting management and the Board on risk governance and compliance-related matters.

Learn More
iOS developer
iOS developer

We are looking for an iOS developer responsible for the development and design of iOS applications. Your primary focus will be development of iOS applications, SDK to support other applications, and integration with back-end services.

Learn More
Sr. Mgr/Manager, Treasury
Sr. Mgr/Manager, Treasury

The incumbent works with Bankers & internal business customers to help develop, improve processes and controls. Reporting to the Head of Finance with close interactions with all functions.

Learn More
Risk Specialist
Risk Specialist

The Risk Specialist role is to support the Operational Risk units with implementation of Wave Money’s Risk Management Framework in the business and educate management and the Board on risk- and compliance-related matters within the business.

Learn More

Wavemoney © 2025. All rights reserved.Developed by B360

chat icon
900 (Atom Number)
097 9000 9000 (Non-Atom Number)
099 7782 7977 (For All Operator)