Role Overview

The Security Product Lead – Enterprise & Identity Security is responsible for defining the strategic direction, roadmap, and measurable outcomes for securing the organization's enterprise infrastructure, critical internal systems, and user identities. This role sits within the Security Strategy & Delivery team and partners closely with the Identity & Access Management (IAM), Infrastructure Security, and Engineering functional leaders and operational teams.

This position ensures that Enterprise Security and Identity Security capabilities are treated as internal security products—aligned to enterprise risk priorities, supported by a clear roadmap, measured through defined KPIs, and delivered through structured program governance.

The role requires strong cross-functional collaboration, strategic thinking, and the ability to influence without direct authority. By ensuring robust identity governance and securing enterprise infrastructure, this role directly supports the organization's overarching goal of protecting member trust, safeguarding corporate assets, and ensuring the continued stability and growth of the business.

Key Responsibilities

Strategy & Roadmap Stewardship

• Develop and maintain a multi-year strategy and roadmap for Enterprise Security, Identity Security (IAM, PAM, Authentication), and AI Security capabilities.
• Align roadmap priorities with enterprise risk objectives, regulatory requirements (e.g., access controls, data governance, AI governance), and evolving threat landscape.
• Identify capability gaps (e.g., zero-trust adoption, privileged access maturity, AI model integrity) and define strategic investment opportunities.
• Translate strategic objectives into structured, sequenced initiatives.

Product & Capability Management

• Enterprise Security

• Define the value proposition and service model for Enterprise Security capabilities (e.g., infrastructure hardening, cloud security posture).
• Add aspects of data security under enterprise security: Establish product requirements and roadmaps for Data Security capabilities, including data loss prevention (DLP), data classification, data encryption, and ensuring compliance with data privacy regulations.

• Identity Management
• Define the value proposition and service model for Identity Management capabilities (e.g., self-service access, least privilege principle, lifecycle management).
• Establish clear capability maturity targets (e.g., IAM coverage, access certification completeness) and continuous improvement plans.
• Maintain and prioritize a strategic backlog across all areas aligned to measurable risk reduction outcomes (e.g., reduction in over-privileged accounts, faster access revocation, secure-by-design adoption in AI).
• Ensure capabilities are treated as ongoing products with lifecycle ownership, not one-time projects.
• Define and track outcome-based metrics (risk reduction, adoption, efficiency) for core security platforms and identity controls.

Portfolio & Program Management

• Own the portfolio view of Enterprise, Identity, and AI Security initiatives within the broader security strategy.
• Structure and manage strategic programs required to deliver roadmap objectives (e.g., rollout of new PAM solution, AI Model SecOps integration).
• Define milestones, delivery plans, and success metrics for major initiatives.
• Track progress against portfolio commitments and escalate risks proactively.
• Manage cross-functional dependencies across Engineering, IT, HR, Legal, and other stakeholders.
• Ensure predictable execution through structured governance and reporting cadence.

Cross-Functional Collaboration

• Partner closely with the Identity & Access Management, Infrastructure Security, and AI/ML functional leaders to align on priorities and execution sequencing.
• Collaborate with Product Management, Engineering, Data Science, Legal, Risk, and Compliance stakeholders.
• Facilitate stakeholder alignment, trade-off decisions, and expectation management.
• Influence without direct authority to drive security principles across enterprise systems.

Continuous Improvement & Innovation

• Monitor industry trends in enterprise architecture security, identity threats (e.g., phishing, credential stuffing), and AI-specific threats (e.g., model poisoning, prompt injection).
• Identify opportunities for automation, analytics enhancement, and process optimization within identity lifecycles and infrastructure monitoring.
• Incorporate lessons learned from security audits and penetration tests into roadmap evolution.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
• 7+ years of experience in cybersecurity, risk management, or technology strategy roles.
• Demonstrated experience in Identity & Access Management (IAM), Privileged Access Management (PAM), Enterprise Security, Data Security, or AI/ML Security domains.
• Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.
• Strong understanding of security frameworks, identity protocols (e.g., OAuth, SAML, SCIM), and enterprise risk.
• Understanding of AI/ML concepts and associated security risks, including data provenance, model integrity, and adversarial machine learning.
• Strong product mindset with ability to translate strategy into execution.
• Experience working in matrixed organizations with cross-functional stakeholders.
• Strong analytical, communication, and executive presentation skills.

Role

The Security Product Lead – Threat Intelligence & Insider Risk is responsible for defining the strategic direction, roadmap, and measurable outcomes of the organization’s Threat Intelligence and Insider Risk capabilities. This role sits within the Security Strategy & Delivery team and partners closely with the Threat Intelligence & Insider Risk functional leader and operational teams.

This position ensures that Threat Intelligence & Insider Risk capabilities are treated as internal security products—aligned to enterprise risk priorities, supported by a clear roadmap, measured through defined KPIs, and delivered through structured program governance.

The role requires strong cross-functional collaboration, strategic thinking, and the ability to influence without direct authority. By proactively identifying, assessing, and mitigating advanced threats and insider risks, this role directly supports the organization's overarching goal of protecting member trust, safeguarding corporate assets, and ensuring the continued stability and growth of the business.

Key Responsibilities

Strategy & Roadmap Stewardship

• Develop and maintain a multi-year strategy and roadmap for Threat Intelligence and Insider Risk capabilities.

• Align roadmap priorities with enterprise risk objectives, regulatory requirements, and evolving threat landscape.

• Identify capability gaps and define strategic investment opportunities.

• Translate strategic objectives into structured, sequenced initiatives.

Product & Capability Management

• Define the value proposition and service model for Threat Intelligence & Insider Risk capabilities.

• Establish clear capability maturity targets and continuous improvement plans.

• Maintain and prioritize a strategic backlog aligned to measurable risk reduction outcomes.

• Ensure capabilities are treated as ongoing products with lifecycle ownership, not one-time projects.

• Define and track key performance indicators (KPIs) to measure effectiveness, including intelligence relevance, dissemination timeliness, detection coverage, and insider risk metrics.

• Provide executive-level reporting on capability performance, maturity progress, and risk impact.

• Ensure transparency into roadmap progress and value realization.

Portfolio & Program Management

• Own the portfolio view of Threat Intelligence & Insider Risk initiatives within the broader security strategy.

• Structure and manage strategic programs required to deliver roadmap objectives.

• Define milestones, delivery plans, and success metrics for major initiatives.

• Track progress against portfolio commitments and escalate risks proactively.

• Manage cross-functional dependencies across Security, Engineering, HR, Legal, and other stakeholders.

• Support quarterly and annual planning cycles, including investment prioritization and capacity alignment.

• Ensure predictable execution through structured governance and reporting cadence.

Cross-Functional Collaboration

• Partner closely with the Threat Intelligence & Insider Risk functional leader and team to align on priorities and execution sequencing.

• Collaborate with SOC, Incident Response, HR, Legal, Engineering, and Risk stakeholders.

• Facilitate stakeholder alignment, trade-off decisions, and expectation management.

• Influence without direct authority to drive delivery outcomes and manage cross functional projects to ensure the delivery

Continuous Improvement & Innovation

• Monitor industry trends, adversary tactics, and insider risk developments.

• Identify opportunities for automation, analytics enhancement, and process optimization.

• Incorporate lessons learned from incidents and audits into roadmap evolution.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.

• 7+ years of experience in cybersecurity, risk management, or technology strategy roles.

• Experience in Threat Intelligence, Insider Risk, SOC, or related security domains.

• Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.

• Strong understanding of adversary tactics (e.g., MITRE ATT&CK), intelligence lifecycle, and insider risk considerations.

• Strong product mindset with ability to translate strategy into execution

• Experience working in matrixed organizations with cross-functional stakeholders.

• Strong analytical, communication, and executive presentation skills.

Role Overview

The Security Product Lead – Product Security & AI Security is responsible for defining the strategic direction, roadmap, and measurable outcomes for securing the organization's product lifecycle and emerging AI/ML initiatives. This role sits within the Security Strategy & Delivery team and partners closely with the Product Security, Engineering, and Data Science/AI functional leaders and operational teams.

This position ensures that Product Security and AI Security capabilities are treated as internal security products—aligned to enterprise risk priorities, supported by a clear roadmap, measured through defined KPIs, and delivered through structured program governance.

The role requires strong cross-functional collaboration, strategic thinking, and the ability to influence without direct authority. By proactively embedding security controls into the product development lifecycle (SDLC) and addressing unique risks associated with AI/ML systems, this role directly supports the organization's overarching goal of protecting member trust, safeguarding corporate assets, and ensuring the continued stability and growth of the business.

Key Responsibilities

Strategy & Roadmap Stewardship

• Develop and maintain a multi-year strategy and roadmap for Product Security and AI Security capabilities.

• Align roadmap priorities with enterprise risk objectives, regulatory requirements (e.g., data privacy, AI governance), and evolving attack surface.

• Identify capability gaps (e.g., secure coding practices, AI model integrity) and define strategic investment opportunities.

• Translate strategic objectives into structured, sequenced initiatives.

• Lead Security Due Diligence: Own the end-to-end security assessment process for M&A targets, including technical architecture reviews, vulnerability assessments, security program maturity evaluations, and risk quantification

• Develop M&A Security Strategy: Define and continuously improve SoFi's M&A security playbook, methodologies, and standards to enable rapid, consistent, and thorough security evaluations

• Drive Integration Planning: Partner with target companies and internal teams to design secure integration roadmaps that balance speed-to-value with security requirements

• Manage M&A security assessments and integration roadmaps to design secure integration roadmaps, balancing speed and security

Product & Capability Management

• Define the value proposition and service model for Product Security and AI Security capabilities, including security requirements for all new product features.

• Establish clear capability maturity targets (e.g., DevSecOps integration level, AI risk mitigation completeness) and continuous improvement plans.

• Maintain and prioritize a strategic backlog aligned to measurable risk reduction outcomes (e.g., reduction in critical vulnerabilities, secure-by-design adoption).

• Ensure capabilities are treated as ongoing products with lifecycle ownership, not one-time projects.

• Translate business priorities, AI adoption strategy, and risk signals into a prioritized portfolio

• Partner with engineering and product teams to reduce friction and improve predictability

• Mature Secure SDLC practices and embed automation into CI/CD pipelines

• Define and track outcome-based metrics (risk reduction, adoption, efficiency)

Portfolio & Program Management

• Own the portfolio view of Product Security & AI Security initiatives within the broader security strategy.

• Structure and manage strategic programs required to deliver roadmap objectives (e.g., implementing an AI Red Team program, rolling out a new static analysis tool).

• Define milestones, delivery plans, and success metrics for major initiatives.

• Track progress against portfolio commitments and escalate risks proactively.

• Manage cross-functional dependencies across Engineering, Product Management, Data Science, Legal, and other stakeholders.

• Support quarterly and annual planning cycles, including investment

• Ensure predictable execution through structured governance and reporting cadence.

Cross-Functional Collaboration

• Partner closely with the Product Security and AI/ML functional leaders and teams to align on priorities and execution sequencing.

• Collaborate with Engineering, Product Management, Legal, Risk, and Compliance stakeholders.

• Facilitate stakeholder alignment, trade-off decisions (e.g., security vs. speed), and expectation management.

• Influence without direct authority to drive secure design principles and manage cross-functional projects to ensure delivery

Continuous Improvement & Innovation

• Monitor industry trends in software supply chain attacks, emerging vulnerabilities (e.g., OWASP Top 10), and AI-specific threats (e.g., model poisoning, prompt injection).

• Identify opportunities for automation, analytics enhancement, and process optimization within DevSecOps pipelines.

• Incorporate lessons learned from penetration tests, bug bounty programs, and security audits into roadmap evolution.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.

• 7+ years of experience in cybersecurity, risk management, or technology strategy roles.

• Demonstrated experience in Product Security (AppSec), DevSecOps, or AI/ML Security domains.

• Demonstrated experience building and managing strategic roadmaps tied to measurable outcomes.

• Experience providing strategic security due diligence and executing cyber security integration for M&A activities.

• Strong understanding of secure development practices, vulnerability management, and common software security frameworks.

• Understanding of AI/ML concepts and associated security risks, including data provenance, model integrity, and adversarial machine learning.

• Strong product mindset with ability to translate strategy into execution.

• Experience working in matrixed organizations with cross-functional stakeholders.

• Strong analytical, communication, and executive presentation skills.

The Role

The Staff IAM Engineer is responsible for securing and managing all non-human identities  including service accounts, application identities, machine credentials, APIs, bots, and workloads across on-prem, cloud, and crypto infrastructure. This role ensures that automated and machine-based identities follow the same governance, lifecycle, and least-privilege principles as human users. You will design systems that enable secure authentication, secrets management, and access provisioning for automated services, APIs, and DevOps pipelines. This role directly protects sensitive financial data, crypto custody environments, and transaction systems from privilege misuse, credential leakage, and insider or supply chain threats.

What You’ll Do

Identity Architecture & Engineering

• Design, implement, and maintain a Non-Human Identity (NHI) framework governing all service accounts, API tokens, certificates, and machine credentials.
• Implement centralized secrets management using tools such as HashiCorp Vault or AWS Secrets Manager, 
• Build integrations with CI/CD pipelines and cloud services (AWS, GCP, Azure) to enforce automated credential rotation and JIT provisioning.
• Define and implement tagging, ownership, and classification models for non-human identities.
• Develop scalable onboarding processes for applications, workloads, and bots that require secure authentication.

 Lifecycle Management & Governance

• Develop automated workflows for creation, rotation, deactivation, and certification of service accounts and API keys.
• Partner with developers and DevOps to transition hard-coded credentials to secure vaults.
• Establish policies for key rotation frequency, credential expiration, and certificate renewal.
• Integrate NHI lifecycle into IAM governance tools (Okta).
• Support quarterly access reviews and certification campaigns for non-human identities.

 Automation & Integration

• Build automation using APIs, Python, PowerShell, or Terraform to manage credentials and monitor access.
• Integrate non-human identity telemetry into SIEM/SOAR platforms for anomaly detection.
• Implement visibility dashboards to track total NHI inventory, owners, last use, and compliance status.
• Deploy Just-in-Time (JIT) credential provisioning for ephemeral workloads and containers (Kubernetes, Lambda, ECS, etc.).

 Security & Risk Management

• Enforce least privilege and zero-trust principles for machine access.
• Monitor for unused or excessive service accounts and remediate over-permissioned credentials.
• Support incident response teams with forensics on compromised API keys or tokens.
• Define detection logic for credential misuse or non-standard access patterns.
• Partner with Application Security to integrate secure NHI handling into SDLC.

 Compliance & Audit

• Maintain audit trails for credential issuance, usage, and rotation events.
• Produce compliance reports for SOX, SOC 2, PCI DSS, FFIEC, and crypto-custody audits.
• Collaborate with internal audit and compliance teams to validate NHI control effectiveness.
• Document architecture, data flows, SOPs, and exception processes for NHI management.

 Innovation & Continuous Improvement

• Evaluate emerging NHI management solutions (e.g., SPIFFE/SPIRE, workload identity federation, cloud-native secrets stores).
• Lead proof-of-concepts to modernize credentialless or short-lived identity methods.
• Advocate for security automation and the reduction of static credentials across the enterprise.

What You’ll Need

Education & Experience

• Bachelor’s degree in Computer Science, Cybersecurity, or related discipline.
• 3–6 years of experience in IAM, DevSecOps, or Security Engineering roles.
• Hands-on experience with non-human identity or secrets management tools
• Familiarity with cloud IAM concepts (AWS IAM Roles, Azure Managed Identities, GCP Service Accounts).
• Experience integrating IAM or secrets systems with CI/CD pipelines and DevOps tools.

 Technical Skills

• Proficiency in automation and scripting (Python, PowerShell, or Bash).
• Strong understanding of authentication standards (OIDC, OAuth 2.0, SAML, JWT).
• Knowledge of API security, key rotation policies, and service-to-service authentication.
• Familiarity with container and workload identities (Kubernetes, ECS, Lambda).
• Understanding of Zero Trust, machine identity, and certificate lifecycle management.

 Preferred Certifications

• HashiCorp Certified Vault Associate
• AWS Certified Security – Specialty
• Okta Certified Professional or Administrator
• (ISC)² Certified Identity and Access Manager (CIAM) or CISSP

Role Overview

We are looking for a technical lead investigator to join the Internal Trust & Fraud Team. You will be responsible for conducting quick-turnaround and in-depth investigations covering a multitude of financial crimes and insider risk matters. In doing so, you will confront high-priority and sensitive issues from a variety of emerging and novel typologies with significant ambiguity. The Investigator will be responsible for conducting investigations specifically focused on SoFi employees and suspicious activities. The role consists of conducting investigations into misconduct by employees, analyzing financial records for discrepancies, and developing strategies to detect and mitigate risky behaviors and fraud. Key duties involve examining internal controls, documenting findings, preparing detailed reports, and maintaining case files. 

In addition to conducting investigations and making recommendations on member or employee activity, you will also be asked to evaluate how SoFi’s controls could be enhanced to further detect and mitigate identified risks and typologies, and work with internal stakeholders to ensure the enhancements are escalated to the appropriate team for remediation.

The right person for this role will enjoy dealing with puzzles, seeking creative solutions, engaging with internal and external stakeholders, and moving quickly while ensuring comprehensive results.

Key Responsibilities

• Conduct end-to-end investigations into suspected insider risk activity such as data exfiltration, policy violations, fraud, IP theft, sabotage, and misuse of company resources. 

• Review and analyze telemetry including endpoint, identity and authentication, SaaS, application, and network logs.

• Correlation events across different log sources to build defensible investigative timelines and attribution assessments.

• Partner with stakeholders to deploy detections and implement strategies to prevent malicious activities by improving internal controls, policies, and procedures.

• Demonstrate sound judgment and an ability to navigate high-priority, high-risk, and sensitive cases.

• Coordinate and collaborate with external parties, including law enforcement agencies, legal counsel, and regulatory bodies, when necessary.

• Proactively partner with internal and external stakeholders and law enforcement agencies regarding priority, high-impact, or emerging typologies.

• Deliver clear, concise, and objective briefings to both technical and non-technical stakeholders. 

• Maintain case management system hygiene, ensuring complete documentation, evidence preservation, and chain of custody integrity.

• Contribute to the development of playbooks, standards, and procedures.

Required Qualifications

• 8+ years of experience in an investigative role such as Insider Threat, Security Operations, Digital Forensics, Insider Response, or Corporate Investigations.

• Demonstrated experience reviewing and correlating endpoint, application, network, and other logs.

• Familiarity with security tools such as Security Information and Event Management (SIEM), User and Entity Behavior Analytics (UEBA), Data Loss Prevention (DLP), and Endpoint Detection and Response (EDR).

• Proficient in interpreting evidence and reconstructing events.

• Familiarity with criminal law, rules, legislation and internal policies.

• Familiarity with all evidence types and the rules governing their admissibility.

• Excellent written and verbal communication skills.

• Understanding of insider risk typologies

Nice to Haves

• Experience working cross-functionally with HR, Legal, and executive stakeholders.

• Experience or interest in cryptocurrency is a plus.

Role Overview

The Director of Cyber Threat Intelligence is responsible for leading the development and execution of a financial institution's cyber threat intelligence program. This role involves acting as the key point of contact for cyber intelligence issues, anticipating future security needs, and managing multi-disciplinary teams of technical and contextual analysts to protect the organization, its employees, and its members from cyber threats. This position serves as a cross functional glue that enables security to integrate closely with stakeholders across the business through threat informed decision making based off of intelligence and data driven analyses.This role acts as a crucial, cross-functional link, enabling the security team to seamlessly integrate with business stakeholders. This is achieved through data-driven analyses and intelligence that allow decision making to be threat informed.

Key Responsibilities

Program Leadership & Strategy

• Develop the CTI Program: Lead the creation and maturation of a comprehensive threat intelligence program tailored specifically to the financial services industry, ensuring it aligns with business requirements and regulatory environments.
• Team Management: Oversee, train, and mentor a team of threat intelligence engineers and analysts, fostering a culture of continuous learning. This includes managing personnel actions, budgets, and operational projects.
• Strategic Direction: Clearly define program roadmap through gap analysis, provide thought leadership to improve awareness across the organization, and act as a strategic advisor to management and steering committees.

Intelligence Collection & Analysis

• Threat Intelligence Platform: Deploy and maintain a threat intelligence platform responsible for the intake, structuring, and distribution of threat intelligence to relevant teams.
• Data Ingestion & Aggregation: Manage the engineering processes for ingesting threat intelligence data from commercial, open-source, and internal resources.
• Threat Monitoring & Research: Continuously monitor the threat landscape to identify emerging threats, vulnerabilities, and the macroeconomic interests of attackers.
• Requirements Management: Lead collection strategies focusing on Priority Intelligence Requirements (PIR) and Strategic Intelligence Requirements (SIR), identifying intelligence gaps and developing plans to mitigate risks.
• Data Analysis: Conduct qualitative and quantitative analysis of large datasets and multiple data sources to assess potential risks to the organization's international operations and assets.

Reporting & Dissemination

• Product Review: Draft, review, and edit intelligence products and briefings from multiple sources.
• Stakeholder Communication: Present complex technical data and risk assessments in clear, non-technical terms to diverse audiences, including senior executives and incident response teams.
• Documentation: Write and revise policies, standards, guidelines, and procedures related to cyber risk and intelligence.

Cross-Functional & External Collaboration

• Internal Partnership: Work closely with security operations, IT, Legal, Fraud Risk, and other stakeholders to integrate intelligence into enterprise workflows and address control gaps.
• External Networking: Collaborate with external partners, industry forums, and government agencies to share intelligence and enhance the bank's capabilities.

Required Qualifications and Skills

• 7+ years of experience in cybersecurity, threat intelligence, operations, or risk management.
• Bachelor’s or advanced degree in Cybersecurity, Computer Science, or a related field.
• Demonstrated ability to lead teams effectively within a dynamic operational setting.

• Proven experience in deploying and maintaining Threat Intelligence Platforms (TIP) and open-source intelligence (OSINT) tools.
• Candidates must demonstrate a proven track record in engineering robust and scalable cybersecurity or threat intelligence solutions. This includes developing tools, integrating services, and building platforms specifically for areas such as threat detection, hunting, and vulnerability management, or related disciplines..
• In-depth knowledge of cyber threats, attack methodologies (such as the MITRE ATT&CK framework or the cyber kill chain), and vulnerabilities relevant to financial networks.
• Familiarity with Security Information and Event Management (SIEM), SOAR tools, dissemination of intelligence through automation to security controls.

• Exceptional written and verbal communication and presentation skills, capable of negotiating and influencing stakeholders at a senior level.
• Strong critical reasoning, problem-solving, and project management abilities.
• Ability to remain calm under pressure, handle multiple conflicting tasks, and maintain strict confidentiality regarding sensitive intelligence.
• Experience integrating artificial intelligence or machine learning capabilities into cybersecurity or threat intelligence workflows, such as automation of threat analysis, detection enrichment, or large-scale data analysis.