Back to jobs
New

Senior Security Engineer II, Application Security

Remote

OppFi is a leading tech-enabled digital finance platform that works with banks to provide financial products and services for everyday Americans. Through a transparent and responsible platform, which includes financial inclusion and excellent customer experience, the Company supports consumers who are turned away by mainstream options to build better financial health.

We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service.

A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2025 Crain’s Fast 50™ company and were named on Built In's 2025 Best Places to Work in Chicago.

 About the job:

The Senior Application Security Engineer coordinates with partners to implement solutions that protect the company, it's systems and data, to ensure the organization's technology ecosystem is designed with industry best security practices and company policy. Reporting to the Director of Application Security and IT GRC, you will work with IT staff to improve the security of our services, and design technical solutions to address security weaknesses.

If you enjoy analyzing system services, spotting issues in code, networks and applications from a security perspective, and have to recognize security issues that appear under new threat scenarios, then the application security engineer is for you.

What you get to do:

  • Work with developers to educate on secure development practices, write code reviews, and align solutions to organizational standards.
  • Provide penetration testing support, project security reviews, and application scanning processes throughout the stages of the software development lifecycle.
  • Track security vulnerabilities and exposure in our third-party libraries, and manage mitigation implementations.
  • Work to mature our internal libraries, build systematic protections for classes of vulnerabilities, and to shield developers from dangerous code or unsafe defaults in third-party libraries.
  • Manage third-party code reviews for high-exposure projects.
  • Integrate static analysis into our continuous integration process and helping developers understand how to manage risk in their code.
  • Advocate for security across the company

What you will bring to the team:

  • 10+ years work experience in application development or application security
  • Experience with web application penetration testing
  • Professional development in at least two or more languages - we use Ruby, Python, Clojure, and Apex (Salesforce)
  • Experience deploying SAST tooling and integrate it into developer workflows
  • Supply chain security management with Artifactory or similar
  • In-depth experience with web vulnerabilities, including deploying best-practice framework fixes into legacy codebases
  • Experience with independent or dev-paired code reviews, including both finding vulnerabilities and teaching developers how to find and reduce issues
  • Experience mentoring other engineers in security

Total Rewards and Benefits: 

At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level. 

OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote

Compensation Range:

$123,200 - $184,800 USD

EEO Statement:

OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.

As part of OppFi’s commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at recruiting@oppfi.com.

Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/.

The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.

Create a Job Alert

Interested in building your career at OppFi? Get future opportunities sent straight to your email.

Apply for this job

*

indicates a required field

Resume/CV

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

Select...

Please let us know if you heard about us from a current team member (list their name here), online, from an event, or through any another medium.  

Select...
Select...

Note: The term “Immediate Family Member” includes, with respect to the specified person, a spouse, parent, child, sibling, mother-in-law, father-in-law, son-in-law, daughter-in-law, brother-in-law, sister-in-law, and anyone (other than a domestic employee) who resides in the specified person’s home.

Select...
Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in OppFi’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Select...
Select...
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.