Principal Information Security Engineer

Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings.

We're looking for people who share our passion and are driven to tackle challenges, find solutions and make the financial space better for the communities we serve.

Our team is passionate about challenging the status quo of the credit industry by providing people accessible tools to take control of their credit. Executing on our mission requires deep collaboration across our teams to ensure our products reach the people who can benefit from them the most, particularly the 100 million+ Americans who have no or low credit.

We celebrate diversity and are committed to creating an inclusive environment for all employees. To that end, we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

Role Summary

The Principal Information Security Engineer is responsible for owning cybersecurity operations and defense across all Self products and infrastructure. This role plays a critical part in protecting customer data, ensuring compliance with SOC 2 and PCI requirements, and partnering closely with engineering and IT teams to detect, investigate, and respond to security threats. The ideal candidate brings deep expertise in security operations, threat detection, and incident response with hands-on experience in tools like Splunk Enterprise, CrowdStrike, Wiz, and Netskope.

What You Will Do

• Own end-to-end cybersecurity operations, including threat detection, incident response, and vulnerability management across all Self products and infrastructure
• Build, tune, and maintain detection content in Splunk Enterprise (SIEM) to identify threats, anomalies, and policy violations
• Operate and optimize CrowdStrike for endpoint detection and response (EDR), including alert triage, threat hunting, and containment
• Manage cloud security posture using Wiz, including misconfiguration identification, risk prioritization, and remediation tracking
• Administer and optimize Netskope for CASB and secure web gateway (SWG) functions, including DLP policy enforcement, shadow IT visibility, and web threat protection
• Design, manage, and optimize Next-Generation Firewalls (NGFW) and cloud native networking to enforce zero-trust principles and secure perimeter defenses.
• Lead incident response efforts - from detection through containment, eradication, and post-incident review
• Conduct proactive threat hunting across endpoint, network, and cloud environments
• Partner with engineering and infrastructure teams to remediate critical security findings and reduce attack surface
• Lead and perform third-party vendor security reviews and risk assessments
• Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection
• Identify security risks across the environment and recommend mitigation strategies
• Monitor emerging cybersecurity threats and translate them into actionable detection and prevention controls

Who You Are

• 12+ years of experience in cybersecurity, security operations, or information security engineering
• Hands-on experience with Splunk Enterprise for SIEM, log management, and detection engineering
• Proficiency with CrowdStrike for endpoint detection, response, and threat hunting
• Experience using Wiz or similar CSPM tools for cloud security visibility and risk remediation
• Hands-on experience with Netskope or similar CASB/SSE platforms for data loss prevention, shadow IT, and secure web access
• Strong background in incident response, including investigation, containment, and root cause analysis
• Experience with vulnerability management programs and remediation workflows
• Solid understanding of network security, cloud security (AWS/GCP/Azure), and identity and access management
• Experience supporting or operating within SOC 2 and PCI compliance environments
• Ability to partner effectively with engineering and infrastructure teams to drive security outcomes
• Strong risk assessment, prioritization, and communication skills

Preferred Qualifications

• Experience performing third-party vendor security assessments
• Familiarity with cloud-native architectures and container security
• Prior experience in fintech, regulated industries, or environments handling sensitive customer data
• Experience with threat intelligence platforms and integrating feeds into detection workflows
• Security certifications such as CISSP, CISM, GCIA, GCIH, GCED, or equivalent experience

Base salary range: $ 180,000-210,000 annually.  Individual pay is based on factors unique to each candidate, including skill set, experience, and other job-related reasons.

Benefits and Perks:

We have the compensation and benefits you expect. But there's one thing that Self Financial can offer that many companies cannot: we can positively change the world, while making a profit. We are a team of Builders, empowering our customers to build their dreams. We have a Do the Right Thing ethos in all that we do, and we hope you value that approach, too. 

Our perks include:

• Company equity in the form of Stock Options
• Performance-based bonuses
• Generous employer-paid health, vision and dental insurance coverage
• Flexible vacation policy
• Educational assistance
• Free gym membership
• Casual dress code
• Team building events and activities
• Remote work arrangements/ flexible work schedule
• Paid parental leave 

Self Financial requires all employees hired to successfully pass a background check.

We are an Equal Opportunity Employer.

At this time, we are only able to consider applicants who are U.S. Citizens or Green Card Holders for employment opportunities. We appreciate your understanding.