Senior Engineer, Security

  • SoFi
  • San Francisco, CA, USA
  • Sep 20, 2018
Full time Developer JAVA Security

Job Description



About The Role

SoFi is seeking an experienced Information Security professional to further its Application Security program.  The ideal candidate comes with a strong background in offensive security and is able to implement scalable solutions to mitigate security threats.

As a member of the Information Security function, you will be part of a team of highly skilled engineers tuned-in to threat research and technical innovation. You will work closely with engineering teams and other business functions to tackle complex technical problems and build secure products.

At SoFi, you’ll become part of a new kind of finance company based around speed, transparency, and alignment with our members’ interests. Our goal is to be at the center of our members’ financial lives. We created student loan refinancing, addressing the biggest financial challenge of a new generation through a modern approach to lending and personal finance. We expanded into other types of loans, and then into insurance and wealth management with similarly inventive products and soon to be launched SoFi money a modern take on a checking or savings account. As the company has grown, we’ve been able to help more people with these tools. SoFi has achieved significant growth, with ambitious plans ahead, but to continue this growth we need great talent.


  • Perform technical security assessments, pentests, code audits and design reviews
  • Develop solutions to scale security testing and enable engineering teams to identify security flaws pre-production  
  • Act as advisor in the area of secure development and threat mitigation
  • Create and manage the bug bounty program
  • Demonstrate leadership through evangelizing security, identification of issues and driving resolution across corporate functions

Minimum qualifications

  • BS degree in Computer Science or related technical field or equivalent practical experience
  • 2+ years of experience in application security testing
  • Strong knowledge of web application security design, threats and mitigations
  • Practical experience in security engineering, authentication standards (OAUTH, JWT, etc.) and applied cryptography
  • Develop and execute secure application development training exercises
  • Self-starter with strong interpersonal and communication skills

Preferred qualifications

  • Software development experience in Java, Javascript and interpreted languages (Perl, Python, etc)
  • Experience in mobile security design and assessment
  • Working knowledge of Amazon Web Services (AWS) security
  • Experience developing security tools


  • Lunch Stipend, a fully stocked kitchen, and subsidized gym membership.
  • Competitive salary packages and bonuses.
  • A flexible vacation policy allows you to truly relax and reboot. 
  • Comprehensive health, vision, dental, and life insurance as well as disability benefits.
  • 100% of health, vision, and dental premiums paid by SoFI for employees and their dependents. 
  • 401(k) and education on retirement planning. 

  • Tuition reimbursement on approved programs, up to $5,250 a year.
  • Monthly contribution to help you pay off your student loans.