OppFi · 2 months ago
Senior Security Analyst III
United States
Full-time
Remote
Mid, Senior Level
$123K/yr - $185K/yr
3+ years expOppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. The Senior Security Analyst III will be a key contributor to security operations, focusing on threat monitoring, incident triage, and vulnerability remediation while ensuring compliance and security standards are met.
Customer ServiceFinancial ServicesFinTechInformation Technology
Responsibilities
Own the security review and assessment process evaluating the risk associated with introducing new applications/tools into the environment
Assist with security risk management activities, including the analysis, quantification, and tracking of information security risks, plus the review and documentation of risk exception requests
Identify emerging compliance requirements and assess their impact on our policies
Develop and refresh our policies, procedures, standards, and guidelines to stay compliant and aligned with industry best practices
Design and maintain dynamic dashboards or scorecards that offer clear insights into Information Security Governance activities, demonstrating our commitment to security and compliance
Monitor security alerts from various tools (SIEM, EDR, cloud logs) and support the triage of potential security incidents by gathering initial data and escalating to senior engineers as needed
Assist in the execution of security incident response playbooks, focusing on initial steps like investigation, basic containment, and documentation
Contribute to the documentation and tracking of security incidents to support audit and compliance requirements
Support the monitoring and logging strategy by assisting with the configuration and tuning of SIEM (Security Information and Event Management) alerts and reports
Perform regular log review and analysis for suspicious activities under the guidance of senior staff
Contribute to the development and maintenance of operational playbooks and documentation for security processes
Learn to deploy and manage new security tools and assist in the development of basic threat detection logic
Develop basic security performance metrics and assist with reporting to measure the effectiveness of security controls
Performs other related duties as assigned
Qualification
Required
3–5 years of professional experience in Information Security or IT Risk Management, with a background supporting IT compliance programs to meet regulatory requirements and demonstrated expertise in at least one of the following areas: Security Operations, Incident Response, or Vulnerability Management
Experience with Security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, and ISO control framework
Experience with EDR platforms (e.g., CrowdStrike, Defender for Endpoint, SentinelOne)
Experience with SIEM/SOAR tools (e.g., Sumo Logic, Splunk, Chronicle, or Azure Sentinel)
Experience with CSPM tools (e.g., Wiz, Prisma, Orca)
Experience with Vulnerability management platforms (e.g., Qualys, Tenable, Rapid7)
Experience identifying potential IT controls risks and opportunities through and offering sustainable recommendations that address cause rather than symptoms
Experience with information security standards, best practices for securing computer systems within applicable laws and regulations
Experience with Governance Risk & Compliance (GRC) tools and procedure development
Solid understanding of common attack techniques (MITRE ATT&CK), incident triage, and remediation workflows
Foundational knowledge of AWS (Amazon Web Services) or other cloud environments
Basic understanding of networking, operating systems (Linux/Windows), and common security principles (e.g., least privilege, defense-in-depth)
Familiarity with automation frameworks or API integrations for security tools
Strong written communication skills necessary for developing clear, concise procedures and playbooks, coupled with effective verbal skills for communicating technical findings
Experience building dashboards and metrics for leadership visibility
Strong analytical and problem-solving skills with a keen attention to detail and a desire to learn quickly
Bachelor's degree in Cybersecurity, Computer Science, or equivalent experience
Preferred
Certifications such as CompTIA CySA+, GCIH, GCIA, GMON, GCDA, GSOC, or CISSP associate are preferred
Experience working in a regulated industry (financial services or health care)
Benefits
401(k) matching program
Generous paid time off
Medical, dental, and vision coverage
Tuition reimbursement
DoorDash DashPass
Figo pet insurance
Rocket Lawyer
Access to LinkedIn Learning
Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter
Company
OppFi
OppFi a financial technology platform that powers banks to help the everyday consumer gain access to credit.
501-1000 employees
H1B Sponsorship
OppFi has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (5)
2024 (6)
2023 (7)
2022 (6)
2021 (10)
2020 (8)
Funding
Current Stage
Public CompanyTotal Funding
$650MKey Investors
Atalaya Capital
2025-10-02Post Ipo Debt· $150M
2023-07-25Post Ipo Debt· $300M
2022-12-20Post Ipo Debt· $150M
Leadership Team
Todd Schwartz
Founder, CEO & Executive Chairman
Ted Schwartz
Co-Founder & Director
Recent News
2025-11-11
Morningstar.com
2025-11-07
2025-11-01
Company data provided by crunchbase