Senior Information Security Analyst
Helping the Everyday Consumer Build Financial Health
OppFi is a leading financial technology platform that powers banks to help the everyday consumer gain access to credit. Through our unwavering commitment to customer service, OppFi helps consumers who are turned away by traditional providers build a better financial path. OppFi is an Inc. 5000 company for five straight years, a Deloitte's Technology Fast 500™, and the seventh fastest-growing Chicagoland company by Crain's Chicago Business. The company was also named on Forbes America 2021 list of America's Best Startup Employers and Built In's 2021 Best Places to Work in Chicago. We welcome individuals to join us in facilitating financial inclusion and credit access for everyday consumers to live the life they deserve.
OppFi is a team of caring, innovative, and inclusive individuals with diverse perspectives and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. We want people to be excited to come to work every day and know you are a part of making a difference. Our company values guide us and create an open and collaborative culture where we hold the door, say what we see, do what we say, and dare to win together!
What you get to do:
- Manage the process and tools for Information Security & Risk Management, and process IT due-diligence requests and ensure compliance to policies, procedures and regulations.
- Work with partners in IT, Compliance, Internal Audit, and Legal to review and provide security guidance on current and new processes, maintain evidence and artifacts for all audits.
- Identify and analyze new requirements for policy impacts; develop and update policies, procedures and guidelines.
- Be the primary point of security risk management activities, including analyzing, quantifying, and tracking identified information security risks and reviewing and documenting risk exception requests.
- Manage risk related to vendor risk through RFI engagement, contract review and the administration of an RCSA framework.
- Organize and track cybersecurity audit engagements and due diligence activities.
- Use working knowledge of information security best practices to ensure IT controls are in place to meet our external audit and client requirements.
- Recommend improvements to our information systems control environment, risk management and IT audit processes to reduce duplicate audit requests in addition to minimizing Process Owner dependency to obtain control evidence.
- Work with the Technology Process Owners to create, modify, validate, and decommission policies/procedures.
- Ensure compliance with established IT policies and procedures by examining IT records, reports, operating practices, and documentation.
- Create dynamic dashboards and scorecards for visibility of Information Security Governance activities.
What you will bring to the team:
- Experience with security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, and ISO control framework
- Background in Information Security, IT Risk Management, or IT Audit
- 8+ years of experience supporting Information Technology compliance programs to meet regulatory or compliance requirements
- Experience identifying potential IT controls risks and opportunities through and offering sustainable recommendations that address cause rather than symptoms
- Experience with information security standards, best practices for securing computer systems within applicable laws and regulations
- Experience with Governance Risk & Compliance (GRC) tools and procedure development
- Experience working in a regulated industry (financial services or health care)
Define your career at OppFi
OppFi is committed to providing an exceptional employee experience that allows you to define your career and purpose with us. New team members go through orientation, shadow programs, a new hire lunch with our CEO, Jared Kaplan, and you can participate in different company culture events focused on diversity, equity, and inclusion. Our team has designed programs to make you feel welcome and part of our team during your first year and beyond.
- Define the mission (days 1-30): You will understand our company mission, values, and vision, and how your role at OppFi plays a part in that.
- Define your goals (months 1-3): You will be able to understand your role expectations and identify goals with your manager and mentor(s) to fulfill those expectations.
- Define your belonging (months 3-6): You will understand OppFis’ culture and have opportunities to engage with and impact that culture. Business Resource Groups and other programs are offered to help with community connection both virtually and in-person.
- Define your journey (6 months - 1 year): You will feel confident in your abilities to execute in your role and know the next step you will take to develop your career.
Compensation and Benefits
OppFi offers a flexible remote environment, 401(k) matching program, and flexible paid vacation. Other benefits include medical benefits, dental and vision coverage, and tuition reimbursement. To support your wellness & growth, we provide monthly meditation and yoga classes and access to all LinkedIn Learning courses. We also offer Fringe, which is a lifestyle benefits platform that lets you decide how you want to spend your rewards from dozens of vendors like Uber, Doordash and Urban Sitter. Dress code is casual.
EEOC Statement:
Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.
OppFi is committed to the full inclusion of all qualified individuals. As part of this commitment, OppFi will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact our People team at [email protected].
Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/