ABOUT OPORTUN
Oportun (Nasdaq: OPRT) is a digital banking platform that puts its 2.2 million members' financial goals within reach. With intelligent borrowing and savings, Oportun empowers members with the confidence to build a better financial future. Since inception, Oportun has provided more than $17.8 billion in responsible and affordable credit, saved its members more than $2.3 billion in interest and fees, and helped our members save an average of more than $1,800 annually. For more information, visit Oportun.com.
WORKING AT OPORTUN
Working at Oportun means enjoying a differentiated experience of being part of a team that fosters a diverse, equitable and inclusive culture where we all feel a sense of belonging and are encouraged to share our perspectives. This inclusive culture is directly connected to our organization's performance and ability to fulfill our mission of delivering affordable credit to those left out of the financial mainstream. We celebrate and nurture our inclusive culture through our employee resource groups.
Engineering Business Unit Overview:
The charter for Engineering group at Oportun is to be the world-class engineering force behind our innovative products. The group plays a vital role in designing, developing, and maintaining cutting-edge software solutions that power our mission and advance) our business. We strike a balance between leveraging leading tools and developing in-house solutions to create member experiences that empower their financial independence.
The talented engineers in this group are dedicated to delivering and maintaining performant, elegant, and intuitive systems to our business partners and retail members. Our platform combines service-oriented platform features with sophisticated user experience and is enabled through a best-in-class (and fun to use!) automated development infrastructure. We prove that FinTech is more fun, more challenging, and in our case, more rewarding as we build technology that changes our members’ lives.
Engineering at Oportun is responsible for high quality and scalable technical execution to achieve business goals and product vision. They ensure business continuity to members by effectively managing systems and services - overseeing technical architectures and system health. In addition, they are responsible for identifying and executing on the technical roadmap that enables product vision as well as fosters member & business growth in a scalable and efficient manner.
Position Overview:
As a Senior Software Engineer at Oportun, you will be a key member of our engineering team, responsible for designing, developing, and maintaining sophisticated software solutions in achieving the charter of the engineering group. Your mastery of a technical domain enables you to take up business problems and solve them with a technical solution. With your depth of expertise and leadership abilities, you will actively contribute to architectural decisions, mentor junior engineers, and collaborate closely with cross-functional teams to deliver high-quality, scalable software solutions that advance our impact in the market. This is a role where you will have the opportunity to take up responsibility in leading the technology effort – from technical requirements gathering to final successful delivery of the product - for large initiatives (cross-functional and multi-month long projects).
Responsibilities:
Conduct threat modeling, architecture review, security code review, security assessment, PCI testing, penetration testing (web application, native application, web services, cloud-based services, and infrastructure assessments). Perform in-depth security review of new application features. This includes identifying security vulnerabilities (OWASP top ten, common issues in NVD, RCE), reviewing code in Java/JavaScript/Golang, verifying security posture through pen-test (using manual/automated techniques with tools from third parties. Perform cloud infrastructure security reviews; the primary focus will be on AWS and many of its common service components (EKS, Istio, S3, IAM, EC2, VPC). Document security best practices, develop tools, libraries, scripts or customize existing tools to automate security vulnerability detection and remediation. Identify gaps in existing cloud security architecture design/configuration and recommend changes (authentication, authorization, network segmentation, container configuration, bastion host setup). Partner with engineering and operation teams to integrate mitigation controls into continuous integration, delivery and deployment processes. Work on areas to develop security baseline for cloud, container, and application and integrate into the CI/CD pipeline. Implement security architecture, methods, and controls required to meet security, compliance, and audit requirements (PCI, NIST controls, SOC2).
Minimum Education & Experience Requirements:
Requires a Bachelor’s degree in Computer Science, Information Assurance/Security, Cyber Security, Computer Engineering, Electrical Engineering, a related field, or a foreign equivalent. Must have 6 years of experience in the job offered or related occupation. Must have 4 years of experience in software security architecture and design review; Threat Modeling; Security Code Review; SDLC; Best practices and mitigations for application security; AWS security; Penetration Testing; and in range of security technologies including VPC, IAM, KMS, etc. in AWS.
We are proud to be an Equal Opportunity Employer and consider all qualified applicants for employment opportunities without regard to race, age, color, religion, gender, national origin, disability, sexual orientation, veteran status or any other category protected by the laws or regulations in the locations where we operate.
California applicants can find a copy of Oportun's CCPA Notice here: https://oportun.com/privacy/california-privacy-notice/.
We will never request personal identifiable information (bank, credit card, etc.) before you are hired. We do not charge you for pre-employment fees such as background checks, training, or equipment. If you think you have been a victim of fraud by someone posing as us, please report your experience to the FBI’s Internet Crime Complaint Center (IC3).