Engineer, Security

Engineering San Francisco, California Murray, Utah Helena, Montana


Description

SoFi is a mission driven company where we are laser focused on helping our members get their money right. We're doing this by providing a set of game changing capabilities for our members across a broad set of financial products that our members use daily -- moving from a high pressure, transaction based sales relationship to a mutually beneficial, incentive-aligned lifetime relationship. We are looking for a talented Security Engineer that's both excited about this mission and about using technology to help make our members financial lives better.

SoFi is seeking an experienced Security Engineer to further its Security program. The ideal candidate comes with a strong background in information security and is able to implement scalable solutions to mitigate security threats. They should have a deep understanding and desire to grow in one or more of the following security areas; data security, infrastructure security, and/ or application security. The ideal candidate will possess a willingness to learn and grow in a fast paced environment. As a member of the Security team, you will be part of a group of highly skilled security engineers tuned-in to threat research and technical innovation. You will work closely with the engineering teams and other business functions to tackle complex technical problems and build secure products.

By joining SoFi, you'll become part of a forward-thinking company that is transforming financial services. Ranked as one of the fastest growing fin tech companies, we strive to hire world class talent to our team and offer the excitement of a rapidly growing startup with a strong leadership team.

SoFi is a new kind of finance company taking a radical approach to lending, wealth management and insurance. From unprecedented products and tools to faster service and open conversations, we're all about helping our members get ahead and find success. Whether they're looking to buy a home, save money on student loans, ascend in their careers, or invest in the future, the SoFi community works to empower our members to accomplish the goals they set and achieve financial greatness as a result. Having raised nearly $2 billion in funding since 2011 and boasting over 500,000 members and over 1,400 employees, SoFi's future is bright.

Key responsibilities include

  • Perform technical security assessments, assist with penetration tests, code audits and design reviews.
  • Develop solutions to scale security testing and enable engineering teams to identify security flaws pre-production .
  • Act as an advisor in the area of secure system development and threat mitigation.
  • Stay current on security trends related to threats, vulnerabilities and security solutions.
  • Demonstrate leadership through evangelizing security, identification of issues and driving resolution across corporate functions.


Requirements

  • Bachelor's degree in computer science or a related field.
  • 2+ years of experience in information security or related field.
  • Experience with AWS or other cloud providers.
  • Basic understanding of DNS, firewalls, proxies, WAFs, SIEM, antivirus, and IDS/IPS concepts.
  • Ability to identify and mitigate vulnerabilities and explain how to avoid them.
  • Experience in web application security, mobile app security, infrastructure security and/or data security.
  • Understanding of OWASP Top 10 recommendations.
  • Experience in UNIX/Linux operating systems administration.
  • Experience with configuration management tooling such as Salt.
  • Understanding of relational databases (MySQL or Postgres).
  • Understanding of cloud security and best practices.
  • Working knowledge of Python or other scripting language.
  • Working experience with Java (or another Object-Oriented Programming language).


Pluses

  • Familiarity with at-scale services.
  • Familiarity with Docker and kubernetes.
  • Familiarity with secure coding practices.
  • Familiarity with security standards such as PCI DSS, ISO 27001, NIST SP 800-53, etc.
  • Experience working with identity and access control management solutions.
  • Familiarity with infrastructure best practices.
  • Experience working in a risk-based security program.
  • Experience working with a distributed team.
  • Security certifications (e.g., CISSP, CEH or relevant SANS GIAC).
  • Personal Attributes of the Ideal Candidate Include
  • Ability to thrive in a fast-paced, growing company.
  • Ability to drive a project from inception to completion.
  • Enthusiasm for solving challenging problems.
  • Team attitude: a willingness to roll up your sleeves, work with others and get stuff done.
  • Ability and desire to lead direct team members, virtual team members, and projects.
  • Effective oral and written communication skills to effectively interact with engineers and managers.



This is a full-time position. The standard schedule is Monday through Friday, 8:00 a.m. to 5 p.m., with some flexibility available. Occasional evening and weekend work may be required as job duties demand.

Benefits

  • Lunch stipend, a fully stocked kitchen, and subsidized gym membership.
  • Competitive salary packages and bonuses.
  • A flexible vacation policy allows you to truly relax and reboot.
  • Comprehensive health, vision, dental, and life insurance as well as disability benefits.
  • 100% of health, vision, and dental premiums paid by SoFI for employees and their dependents.
  • 401(k) and education on retirement planning.
  • Tuition reimbursement on approved programs, up to $5,250 a year.
  • Monthly contribution to help you pay off your student loans.


Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.