Sr. InfoSec Engineer

As a Sr. Information Security Engineer youll help drive Concora Credits Mission to enable customers to Do More with Credit every single day.

The impact youll have at Concora Credit:

In your role you will work as part of an IT Information Security Team in an agile environment. This senior-level position is a technical hands-on role. Your focus will be on administration implementation support incident response control monitoring best practice guidance and security compliance support.

We hire people not positions. Thats because at Concora Credit we put people first including our customers partners and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today we have helped millions of customers access credit. Our industry leadership resilience and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship were looking to expand our team and are looking for people who foster innovation strive to make an impact and want to Do More! Were an established company with over 20 years of experience but now were taking things to the next level. Were seeking someone who wants to impact the business and play a pivotal role in leading the charge for change.

As our Sr. Information Security Engineer you will:

• Identify new and novel ways to address information security challenges in the Concora environment.
• Develop secure solutions for new and existing systems ensuring alignment with organizational security standards regulatory requirements and business goals.
• Lead the design implementation and optimization of enterprise security controls across on-prem cloud and hybrid environments.
• Represent Information Security as a member of various Enterprise Project teams from ideation through delivery and ensure security requirements and principles are embedded in new designs and solutions.
• Act as a senior resource and escalation point for less experienced staff for engineering support and troubleshooting efforts.
• Serve as a subject matter expert for threat modeling risk assessments and secure design reviews for critical infrastructure applications and cloud workloads.
• Develop and maintain advanced security automation integrations and tooling to improve detection response and overall security posture.
• Evaluate select and deploy new security technologies; lead POCs and drive vendor assessments to support strategic security initiatives.
• Collaborate with architecture DevOps and IT operations teams to embed security early in the system and application life cycle.
• Establish and maintain security baseline configurations hardening standards and technical policies across endpoints servers networks and cloud services.
• Develop advanced SIEM EDR and logging strategies including correlation rules detection engineering and response playbooks.
• Manage complex security projects ensuring timely delivery technical quality and cross-team alignment.
• Demonstrate and champion the use of automation and scripting capabilities to deploy manage and maintain information security capabilities.
• Conduct information security risk assessments and security compliance audits on systems and services.
• Maintain awareness and knowledge of contemporary security laws standards practices and methods.
• Other duties as assigned.

These duties must be performed with or without reasonable accommodation.

We know experience comes in many forms and that many skills are transferable. If your experience is close to what were looking for consider applying. Diversity has made us the entrepreneurial and innovative company that we are today.

Requirements:

• 6 years of experience in Application Security Secure Software Development or related fields.
• Bachelors degree applicable certification or equivalent experience.
• Working knowledge of information security control technologies including EDR access control cryptography vulnerability management SIEM/log management ID/IPS DLP and more.
• Working knowledge of network protocols desktops laptops DNS and networking devices - servers routers VPNs proxies firewalls.
• Proven capability to take ownership of delegated initiatives with limited initial direction using sound judgment to clarify scope drive progress and act as a trusted representative of the team.
• Demonstrated ability to translate security and compliance requirements into practical business-aligned solutions that manage risk without unnecessarily impeding operations.
• Strong written and verbal communication and presentation skills including the ability to discuss technical topics with a non-technical audience.

Preferred Qualifications:

• Strong CLI and scripting language experience.
• Deep understanding of security frameworks such as NIST ISO/IEC 27000 series PCI-DSS FedRamp and CSA.
• Demonstrated experience in security incident response in a SOC computer forensics and incident response.
• Working knowledge of security architecture for cloud/hybrid systems specifically Azure.
• Excellent conceptualization analytical logic and documentation skills.
• Experience in the financial services or servicing operations sectors is desirable.

Whats In It For You:

• Medical Dental and Vision insurance for you and your family
• Relax and recharge with Paid Time Off (PTO)
• 6 company-observed paid holidays plus 3 paid floating holidays
• 401k(after 90 days) plus employer match up to 4%
• Pet Insurance for your furry family members
• Wellness perks including onsite fitness equipment at both locations EAP and access to the Headspace App
• We invest in your future through Tuition Reimbursement
• Save on taxes with Flexible Spending Accounts
• Peace of mind with Life and AD&D Insurance
• Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability

Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.

Employment-based visa sponsorship is not available for this role.

Concora Credit is an equal opportunity employer (EEO).

Please see the Concora Credit Privacy Policy for more information on how Concora Credit processes your personal information during the recruitment process and if applicable based on your location how you can exercise your privacy rights. If you have questions about this privacy notice or need to contact us in connection with your personal data including any requests to exercise your legal rights referred to at the end of this notice please contact .