Apply on Employer Site

Concora Credit · 19 hours ago

Sr. Information Security Engineer

US-OR-Beaverton

Full-time

Onsite

Senior Level

6+ years exp

Concora Credit is a company focused on enabling customers to do more with credit. In this role, you will drive security initiatives, develop secure solutions, and lead enterprise security projects while collaborating with various teams to ensure compliance and best practices.

ConsumerFinanceFinancial ServicesFinTech

No H1B

Responsibilities

Identify new and novel ways to address information security challenges in the Concora environment

Develop secure solutions for new and existing systems, ensuring alignment with organizational security standards, regulatory requirements, and business goals

Lead the design, implementation, and optimization of enterprise security controls across on-prem, cloud, and hybrid environments

Represent Information Security as a member of various Enterprise Project teams from ideation through delivery and ensure security requirements and principles are embedded in new designs and solutions

Act as a senior resource and escalation point for less experienced staff for engineering, support, and troubleshooting efforts

Serve as a subject matter expert for threat modeling, risk assessments, and secure design reviews for critical infrastructure, applications, and cloud workloads

Develop and maintain advanced security automation, integrations, and tooling to improve detection, response, and overall security posture

Evaluate, select, and deploy new security technologies; lead POCs and drive vendor assessments to support strategic security initiatives

Collaborate with architecture, DevOps, and IT operations teams to embed security early in the system and application life cycle

Establish and maintain security baseline configurations, hardening standards, and technical policies across endpoints, servers, networks, and cloud services

Develop advanced SIEM, EDR, and logging strategies, including correlation rules, detection engineering, and response playbooks

Manage complex security projects, ensuring timely delivery, technical quality, and cross-team alignment

Demonstrate and champion the use of automation and scripting capabilities to deploy, manage, and maintain information security capabilities

Conduct information security risk assessments and security compliance audits on systems and services

Maintain awareness and knowledge of contemporary security laws, standards, practices, and methods

Other duties as assigned

Qualification

Application SecuritySecure Software DevelopmentInformation Security Control TechnologiesSecurity FrameworksCloud Security ArchitectureSecurity Incident ResponseScripting LanguagesAnalytical SkillsCommunication SkillsDocumentation Skills

Required

6+ years of experience in Application Security, Secure Software Development, or related fields

Bachelor's degree, applicable certification, or equivalent experience

Working knowledge of information security control technologies, including EDR, access control, cryptography, vulnerability management, SIEM/log management, ID/IPS, DLP, and more

Working knowledge of network protocols, desktops, laptops, DNS, and networking devices - servers, routers, VPNs, proxies, firewalls

Proven capability to take ownership of delegated initiatives with limited initial direction, using sound judgment to clarify scope, drive progress, and act as a trusted representative of the team

Demonstrated ability to translate security and compliance requirements into practical, business-aligned solutions that manage risk without unnecessarily impeding operations

Strong written and verbal communication and presentation skills, including the ability to discuss technical topics with a non-technical audience