OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health.
We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service.
A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain’s Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago.
About the job:
The Senior Application Security Engineer coordinates with partners to implement solutions that protect the company, it's systems and data, to ensure the organization's technology ecosystem is designed with industry best security practices and company policy. Reporting to the Director of Application Security and IT GRC, you will work with IT staff to improve the security of our services, and design technical solutions to address security weaknesses.
If you enjoy analyzing system services, spotting issues in code, networks and applications from a security perspective, and have to recognize security issues that appear under new threat scenarios, then the application security engineer is for you.
What you get to do:
- Work with developers to educate on secure development practices, write code reviews, and align solutions to organizational standards.
- Provide penetration testing support, project security reviews, and application scanning processes throughout the stages of the software development lifecycle.
- Track security vulnerabilities and exposure in our third-party libraries, and manage mitigation implementations.
- Work to mature our internal libraries, build systematic protections for classes of vulnerabilities, and to shield developers from dangerous code or unsafe defaults in third-party libraries.
- Manage third-party code reviews for high-exposure projects.
- Integrate static analysis into our continuous integration process and helping developers understand how to manage risk in their code.
- Advocate for security across the company
What you will bring to the team:
- 10+ years work experience in application development or application security
- Experience with web application penetration testing
- Professional development in at least two or more languages - we use Ruby, Python, Clojure, and Apex (Salesforce)
- Experience deploying SAST tooling and integrate it into developer workflows
- Supply chain security management with Artifactory or similar
- In-depth experience with web vulnerabilities, including deploying best-practice framework fixes into legacy codebases
- Experience with independent or dev-paired code reviews, including both finding vulnerabilities and teaching developers how to find and reduce issues
- Experience mentoring other engineers in security
Total Rewards and Benefits:
At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level.
OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote
EEO Statement:
OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.
As part of OppFi’s commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at [email protected].
Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/.
The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.
Top Skills
Similar Jobs at OppFi
What you need to know about the Charlotte Tech Scene
Key Facts About Charlotte Tech
- Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
- Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
- Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
- Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus
