Senior Security Analyst
San Francisco, CA
Credible
Credible is the best way to save money on student loans, personal loans, and your mortgage. Compare top lenders and find low rates in just minutes.Who is Credible?
We believe life’s changes create financial needs for people and that the traditional financial system often puts up unnecessary obstacles. People celebrate major milestones like going to college, getting married, and buying a home. And most of the time, these milestones come with financial implications.
At Credible, we have built a company with the mission of bringing transparency, choice, simple processes and savings to accessing credit for life’s important moments. What you see is what you get. We are committed to being upfront, honest, and clear about your options. There are no mysteries, no hidden fees, and no secret clauses.
Credible is a fast-growing Fintech company that has world class management, has raised multiple rounds of funding, is generating significant revenue and is disrupting the lending market and helping people save money and get out of debt faster.
About the Role:
We are looking for an experienced information security professional that will bring vision to the role and who has a strong background of partnering with other departments, primarily non-engineering teams, to develop secure practices. Ideally, you will have broad expertise in security standards, practices, tools and technologies applicable to online financial services that have extensive integrations with third party systems.
- Be an evangelist for security and promote a security conscious mindset throughout Credible, Increase employee security awareness via training and exercises
- Work with other security team members to improve and maintain the company's information security policies and guidelines
- Identify security and data privacy risks and implement controls to ensure that security policies are followed in enterprise IT and business operation teams
- Provide risk analysis to enable teams and leadership to take risk-based decisions
- Communicate and present key vendor security initiatives, practices and issues to business units
- Manage information security risk register and exceptions
- Assist with third party security inquires either in questionnaire or any other format
- Participate in third party security risk management program to perform security due diligence on critical third parties
- Support legal team with negotiation around Information security contract requirements
- Participate in security incidents management
- Work to improve security over time, proposing new techniques and solutions to mitigate security-related risks
Education and Experience:
- Bachelor’s or Master’s degree in Computer Science, Engineering or related field
- At least 5 years of experience in information security
- Solid understanding of network security, cloud security, security risk management, common security offense and defense concepts and practices
- Work knowledge of operating system and web application security
- Experience of managing security risks in financial institutions is a strong plus
- Problem solving skills and ability to work under pressure
- Self-starter with strong interpersonal, communication, and collaboration skills
- Understanding of security and security risk management frameworks: NIST CSF, FAIR risk quantification methodology, etc
- Information security risk management qualifications like CRISC, CISA, CISSP, CISM, etc is desirable
Why work at Credible?
We are a fast moving, fun-loving, seriously smart group of people who really care about impacting the lives of our customers. We empower our employees to make decisions, take risks, drive our business and make changes when we don’t get it right. These are our values:
- Exceed Customer Expectations: We provide an exceptional experience to each and every customer that compels them to share it with others.
- Take Ownership: We are trusted to make decisions that are in the best interests of our customers and our business. We think and act like owners. We care – and that makes all the difference.
- Be Curious: We are curious, ask questions, seek to understand and try new things.
- Do the Right Thing: We earn trust by being transparent, respectful and honest with each person with whom we interact.
- Get Results: Results fuel our excitement and we know how our personal accomplishments tie to the success of the company.
- Be Bold: We are courageous and take risks that scare us. Our enthusiasm for experimenting is how we will find the next breakthrough.
Our benefits: We offer competitive compensation, generous benefits, free food and a flexible vacation policy.
But mainly, you want to work at Credible because you believe in our mission and want to have a major role in delivering on it! We look forward to getting to know you.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Tags: Application security CISA CISM CISSP Cloud Computer Science CRISC FinTech Network security NIST Privacy Risk analysis Risk management
Perks/benefits: Competitive pay Equity Flex vacation Transparency
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs