Senior Security Engineer II, Application Security

Posted 18 Days Ago
Easy Apply
Hiring Remotely in USA
Remote
Senior level
Fintech • Social Impact • Financial Services
OppFi expands credit access to the 60 million everyday Americans who lack traditional options.
The Role
As a Senior Security Engineer II, you will enhance application security by implementing secure development practices, conducting penetration testing, performing risk assessments, and managing vulnerabilities across applications. Collaboration with development teams and security advocacy are key components of this role.
Summary Generated by Built In

OppFi is a tech-enabled, mission-driven specialty finance platform that broadens the reach of community banks to extend credit access to everyday Americans. Through best-in-class customer service, transparency, responsible lending, and financial inclusion, we support consumers, who are turned away by mainstream options, to build better financial health.

We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service.

A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2023 Crain’s Fast 50™ company and were named on Built In's 2024 Best Places to Work in Chicago.

 About the job:

As a Application Security Engineer II, you will play a pivotal role in safeguarding the company's systems, applications, and data by implementing robust security solutions and practices. Collaborating with cross-functional teams, you will ensure that our technology ecosystem adheres to industry security standards and aligns with company policies. Reporting to the Director of Security, you will contribute to securing the development lifecycle, enhancing the security posture of our applications, and providing guidance to development teams.

This role is ideal for a proactive professional who excels at analyzing applications, identifying vulnerabilities, and mitigating risks in the ever-evolving landscape of cybersecurity threats.

What you get to do:

  • Secure Development Practices: Collaborate with developers to promote secure coding practices, conduct code reviews, and ensure alignment with organizational security standards.
  • Penetration Testing and Vulnerability Management: Support penetration testing efforts, perform security assessments during project reviews, and manage application scanning throughout the software development lifecycle (SDLC).
  • Threat modeling: identifying and mitigating potential security risks in applications and services. This would involve collaborating with development teams analyzing system architectures, designing secure solutions, and adherence to security best practices.
  • Third-Party Risk Management: Monitor security vulnerabilities in third-party libraries, prioritize risks, and implement effective mitigations.
  • Application Security Enhancements: Enhance internal libraries, build systematic protections for classes of vulnerabilities, and implement secure defaults to protect against unsafe third-party code.
  • Static Application Security Testing (SAST): Integrate static analysis tools into continuous integration (CI) workflows, empowering developers to manage and mitigate code risks effectively.
  • Security Advocacy: Advocate for application security across the organization by mentoring engineers, conducting training sessions, and fostering a culture of security awareness.
  • Code Reviews: Conduct independent and paired code reviews, focusing on identifying vulnerabilities and educating developers on best practices.
  • Supply Chain Security: Manage and secure software supply chains using tools such as Artifactory or similar platforms.

What you will bring to the team:

  • Experience: 5+ years of experience in application development or application security.
  • Technical Expertise:
  • Proficiency in at least two programming languages (e.g., Ruby, Python, Clojure, or Apex).
  • Hands-on experience with web application penetration testing and deploying SAST tools in developer workflows.
  • Comprehensive knowledge of web vulnerabilities and deploying best-practice fixes in legacy and modern codebases.
  • Supply Chain Security: Strong understanding of supply chain security principles and experience managing risks associated with third-party libraries and dependencies.
  • Collaboration: Proven ability to work closely with development teams, fostering security awareness and improving secure coding practices.
  • Mentorship: Demonstrated experience mentoring engineers in security concepts, helping them identify and remediate vulnerabilities.
  • Tooling and Processes: Familiarity with integrating security tools into CI/CD pipelines and managing security risks across the development lifecycle.

Why Join Us?

  • Impactful Work: Be at the forefront of securing critical systems and applications, directly contributing to the organization's resilience against emerging threats.
  • Collaboration: Work alongside passionate security and development professionals who value innovation and teamwork.
  • Growth Opportunities: Expand your expertise in application security, participate in cutting-edge security projects, and mentor the next generation of security professionals.
  • Security Advocacy: Play a key role in fostering a security-first culture across the company

Reports to:  Director of Security Engineering

Total Rewards and Benefits:

The starting base salary for this position is $123,200 per year. The actual offer, reflecting the total compensation package and benefits, will be at the company’s sole discretion and determined by a myriad of factors including, but not limited to, years of experience, depth of experience, and other relevant business considerations. The total compensation package includes eligibility and potential for performance-based bonuses as well as equity grants dependent upon the role and job level.

OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. There are also additional benefits, including DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, which is a lifestyle benefits platform that allows employees decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote

EEO Statement:

OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.

As part of OppFi’s commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at [email protected].

Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/.

The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.

What the Team is Saying

Mackenzie
Sanjib
Amanda
Chelsea
Dominic
The Company
HQ: Chicago, IL
450 Employees
Remote Workplace
Year Founded: 2012

What We Do

OppFi is a tech-enabled, mission-driven specialty finance platform that broadens the reach of community banks to extend credit access to everyday Americans. We have been an Inc. 5000 company for six straight years, a Deloitte’s Technology Fast 500™ for four consecutive years, and the seventh fastest-growing company in Chicagoland in 2021 as measured by Crain’s Chicago Business based on a five-year growth rate. We were listed on the Forbes America 2021 list of America’s Best Startup Employers and the Built In’s 2024 Best Places to Work in Chicago. OppFi maintains an A+ rating from the Better Business Bureau (BBB) and maintains a 4.5/5 star rating with more than 21,000 online customer reviews, making it one of the top customer-rated financial platforms online.

Why Work With Us

We pride ourselves on a collaborative company culture that allows our team members to show up as themselves. OppFi offers competitive salaries and great benefits like 401(k) matching, learning and development opportunities, and employee-led communities. We value team members who dream big, speak their minds, and are ready to make a difference.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

OppFi Offices

Remote Workspace

Employees work remotely.

OppFi is a remote-flexible workplace, meaning that team members have flexibility to work remotely and/or at the OppFi office located in downtown Chicago, depending on their role. Non-local employees are granted two annual trips to the Chicago office.

Typical time on-site: None
HQChicago, IL
OppFi is located in the heart of downtown Chicago, adjacent to Michigan Avenue and across the street from beautiful Millennium Park.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account