Senior Security Analyst III – Security Operations & GRC (FinTech)

Remote
Posted 5 days ago

This is a full-time, remote role at OppFi, a tech-enabled financial platform. Despite the “III” designation, the role functions as a high-level operational and tactical contributor, blending Security Operations (SecOps) with Governance, Risk, and Compliance (GRC). The position is ideal for an analyst who wants to bridge the gap between technical incident response and strategic risk management within a highly regulated financial services environment.

  • Location: Remote.
  • Experience Required: 3–5 years of professional experience in Information Security or IT Risk Management.
  • Reporting Line: Reports to the Manager, Security Operations.
  • Focus: Security reviews for new tools, incident triage, SIEM tuning, and maintaining security governance dashboards.
  • Industry Context: Regulated financial services (FFIEC, NIST frameworks).

What You Will Do: Risk Management & Technical Operations

The role is divided between proactive risk governance and reactive security monitoring, requiring a “whole-environment” view of security.

Information Security Risk & Governance

  • Security Reviews: Own the assessment process for evaluating risks when introducing new applications or tools.
  • Policy Development: Identify emerging compliance requirements and refresh policies/standards to align with NIST, ISO, or FFIEC.
  • Governance Visibility: Design and maintain dynamic dashboards and scorecards to provide leadership with insights into governance activities.

Security Operations & Incident Support

  • Monitoring & Triage: Act as a key responder for alerts from SIEM, EDR, and cloud logs. Gather data and escalate spicy incidents to senior engineers.
  • Playbook Execution: Follow incident response playbooks for investigation, basic containment, and documentation.
  • SIEM Tuning: Assist in the configuration and tuning of SIEM alerts and reports to reduce noise and improve detection logic.
  • Log Analysis: Perform regular reviews of system logs to identify suspicious activity under the guidance of senior staff.

Required Technical Expertise and Qualifications

OppFi is looking for an analyst who understands the “defense-in-depth” philosophy and has hands-on experience with modern cloud-native security stacks.

  • Core Experience: 3–5 years in SecOps, IR, or Vulnerability Management. Experience in financial services or healthcare is highly preferred.
  • Framework Knowledge: Familiarity with FFIEC, NIST, COBIT, ITIL, or ISO control frameworks.
  • Technical Stack:
    • EDR: CrowdStrike, Defender for Endpoint, or SentinelOne.
    • SIEM/SOAR: Sumo Logic, Splunk, or Azure Sentinel.
    • CSPM: Wiz, Prisma, or Orca (Cloud Security Posture Management).
    • Vulnerability Management: Qualys, Tenable, or Rapid7.
  • Cloud & Networking: Foundational knowledge of AWS; basic understanding of Linux/Windows and TCP/IP networking.
  • Threat Intelligence: Solid understanding of the MITRE ATT&CK framework.
  • Certifications (Preferred): CompTIA CySA+, GCIH, GCIA, GSOC, or CISSP Associate.

Why This Role is Unique

This position is unique because it doesn’t pigeonhole the analyst into a single silo. You are expected to be technical enough to tune a SIEM and investigate a cloud alert, but also professional enough to conduct a full security risk assessment for a new vendor. It offers a clear path toward security architecture or management by providing exposure to the GRC side of the house.

Job Category: Security, Support Service
