OppFi
Senior Security Engineer II
Job Summary
The Senior Security Engineer I at OppFi is responsible for ensuring the security and compliance of the company's environment, focusing on cloud and on-premises infrastructure. They will conduct vulnerability assessments, respond to security incidents, and develop security architectures with controls like firewalls and intrusion prevention systems. The role requires extensive experience in security operations, cloud environments, and automation scripting, with relevant certifications and a strong attention to detail. The position offers a remote work environment along with comprehensive benefits, including health coverage, retirement plans, and lifestyle perks.
Required Skills
Benefits
Job Description
OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health.
We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service.
A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain’s Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago.
About the job:
We are looking for a motivated, and service-oriented Senior Security Engineer I with hands-on knowledge of AWS, cloud architecture, and security best practices to join our expanding Information Security team. You will work directly with OppFi internal teams to ensure overall environment security, visibility, and compliance measures are adhered to and enforced. You will evaluate existing technical capabilities and systems, and identify opportunities for improvements while maintaining standard operating procedures and protocols to ensure Security Operations continues to meet operational requirements.
What you get to do:
- Balance the needs of delivering technical security assurance while still allowing development and operations teams to move quickly
- Conduct cloud and on-prem vulnerability assessments, analyzing vulnerabilities, determining severity, and recommending paths for eliminating or mitigating security gaps
- Triage, investigate and respond to potential incidents. Provide on-call support when needed.
- Work with Engineering and IT teams to ensure that programmatically-deployed infrastructure is built following OppFi’s security principles
- Ensure the proper security controls are deployed within our cloud environments to address confidentiality, integrity, and availability of these services
- Build automation for in-house network, service, and endpoint security testing
- Help with the identification and evaluation of security gaps, and translate them into functional specifications to implement
- Cybersecurity related duties as assigned/required to support specialized activities.
- Develop and implement robust security architectures encompassing firewall policies, VPNs, intrusion detection/prevention systems (IDS/IPS), network segmentation, and access control mechanisms.
- Integrate and manage CASB solutions to provide visibility and control over data and applications in the cloud.
- Deploy and manage WAF solutions to safeguard web applications against threats and vulnerabilities.
- Maintain a current understanding of the security threat landscape. Research and review new technologies and trends
What you will bring to the team:
- Bachelor’s Degree in Computer Science, Information Assurance, Cyber Security, or related field of study
- CISSP, Security+, or other Cybersecurity Industry recognized certification
- Experience with security operations systems: MDM, DLP, Firewalls, CASB, Log collectors, SIEM/SOC, EDR, VPN.
- 7+ years of experience in security operations
- Strong attention to detail with an analytical mind and outstanding problem-solving skills
- Solid Understanding of Incident response process and procedures including in the cloud
- Experience using a vulnerability management tool (Qualys, Tenable, etc) to scan, manage and prioritize vulnerabilities
- Professional demeanor, good interpersonal skills, and ability to excel in a high-paced multi-tasked environment
- Knowledge of AWS, Azure, cloud infrastructure and IT infrastructures
- Able to automate/script daily tasks using Python, Bash or equivalent
- Some experience with security operations systems: MDM, DLP, Firewalls, CASB, Log collectors, SIEM/SOC, EDR, VPN
- Knowledge of security and risk management practices and security frameworks (FFIEC, NIST, ISO, CIS Benchmarks, SOC2)
- Experience with Terraform and CloudFormation is a huge plus
Reports to: Manager, Security Operations
Total Rewards and Benefits:
At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level.
OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote
EEO Statement:
OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.
As part of OppFi’s commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at [email protected].
Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/.
The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.
OppFi
OppFi is a leading tech-based finance platform that broadens the reach of community banks to extend credit access for everyday Americans.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.