Overview
Legal Associate Jobs in Greater Kuala Lumpur at FINEXUS Group
Title: Legal Associate
Company: FINEXUS Group
Location: Greater Kuala Lumpur
Finexus is a multi-disciplinary Fintech, providing software outsourcing and regulated products such as e-money, merchant acquiring, financing and remittance. Its technology services includes transactional and reporting software. Finexus holds multiple domestic and international certifications and works closely with card schemes and payment networks, and serve all types of banks – conventional, Islamic, investment and digital, for 25 years.
- Overview of the Role
Candidates from private practice, in-house or a hybrid background are welcome to apply. The area of private practice or industry of in-house is largely immaterial but the general assumption is that candidates from private practice – corporate have a slight advantage. Curiosity and ownership are two key qualities we seek. While sound legal fundamentals are expected, the differentiating factor is the candidate’s ability to translate regulatory or legal requirements into commercial outcomes, balancing growth and risk.
This is an addition, not a replacement. We are strengthening our legal and privacy team, built on resilient infrastructure, pressure tested in several environments. The candidate will be assisting the existing legal, contracts management and privacy team but focusing largely on DPO office matters.
- Fundamental Requirements:
- 2 – 4 years of legal experience
- Experience in advising clients or teams in heavily regulated environments, and your workarounds
- Must-have familiarity with contracts, privacy and intellectual property law. Interest in privacy, technology or financial products is an added advantage.
- Independent operator, commercially pragmatic, solutions-oriented, and a self-starter who can own their portfolio and mistakes.
- Organised, practical, and able to distinguish issues that need escalation from those you can resolve independently
- Job Descriptions at a High Level (Privacy and Commercial)
- Own the processing maps and registers and ensure they are accurate, current, and audit-ready.
- Conduct DPIAs for new products, features, vendor relationships, data processing agreements, policy drafting and mapping, manage the full DSAR lifecycle from intake to response within statutory timelines.
- Horizon scanning on regulatory change management and remediation tracking, in respect of privacy laws, be it domestic or cross-border, with impact on Finexus. Synthesise challenges into clear, actionable steps and drive their implementation. You are expected to interpret, not compile or cite regulations.
- Translate identified obligations into relevant policies and drive enforcement of the same across all business verticals and represent the team in various work streams.
- Support incident management and breach response, intake triage, internal escalation, root cause documentation, and preparation of data privacy reports for management and regulatory notification.
- Coordinate cross functionally to support contract negotiations and ensure compliance with applicable laws and internal governance requirements.
- Contract review, specifically on technology and privacy related clauses for all business verticals, which includes SaaS, MSAs, frameworks, GTCs, SLAs and cloud-related engagements.
- General commercial legal advisory on product, business, operations, finance, and HR, advising on regulatory touch-points in new initiatives, supporting vendor onboarding due diligence, and flagging legal or commercial risks in day-to-day operational decisions