Senior Manager, Security GRC

OppFi is a tech-enabled, mission-driven specialty finance platform that broadens the reach of community banks to extend credit access to everyday Americans. Through best-in-class customer service, transparency, responsible lending, and financial inclusion, we support consumers, who are turned away by mainstream options, to build better financial health.

We are a team of caring, innovative, and inclusive individuals who thrive in being immersed in diverse talents, expertise, perspectives, and backgrounds. Our employees approach every new challenge with an unparalleled ability to see what could be rather than settle for what is. Our business principles guide us and create an open and collaborative culture where we improve 1% every day, and the best ideas always win! We welcome individuals who want to make an impact in the financial system by facilitating credit access, expanding financial inclusion, promoting financial health, and delivering exceptional customer service.

A few other fun facts about us. OppFi is one of the top consumer-rated financial platforms online, maintaining a 4.5/5.0-star rating on Trustpilot. We are a 2023 Crain’s Fast 50™ company and were named on Built In's 2024 Best Places to Work in Chicago.

About the job:

The Senior Manager, Cybersecurity Governance, Risk, and Compliance (GRC) leads the development and execution of cyber risk management, compliance, and security governance programs. This role ensures security policies, regulatory requirements, and industry best practices are effectively integrated into business and technology operations. Working cross-functionally with InfoSec, Technology, Compliance, Legal, and Risk teams, this role oversees cyber risk assessments, policy enforcement, third-party security reviews, audit readiness, and security awareness programs. The Senior Manager helps strengthen security governance, reduce cybersecurity risks, and foster a security-first culture across the organization.

What you get to do:

• Partner with the CISO to develop the information security program and security control assessment strategy.
• Lead the information security risk management process, including identifying, analyzing, and tracking risks, as well as reviewing risk exception requests.
• Develop and maintain security policies, procedures, standards, and guidelines to align with evolving requirements.
• Manage cybersecurity audits, due diligence activities, and vendor security reviews to meet external audit and client security requirements.
• Ensure compliance with IT security policies and controls by reviewing records, reports, and operational practices.
• Develop and mature enterprise cybersecurity awareness program.
• Lead and mentor a team of 3-4 Security Analysts.

What you bring to the team:

• A bachelors degree in Information Technology/Computer Information Systems or related field.
• Background in Information Security, IT Risk Management, or IT Audit
• Experience with security and control frameworks, such as FFIEC, NIST, COBIT, ITIL, ISO control framework
• Minimum ten (10) years of experience in Information Technology with at least two years of experience in leading team to meet regulatory or compliance requirements
• Experience with information security standards, best practices for securing computer systems within applicable laws and regulations

Reports to: Chief Information Security Officer

Job Level:  Sr. Manager

Total Rewards and Benefits: 

At OppFi, we are committed to fostering a fair and equitable workplace. The compensation range for this role reflects our good faith compensation estimate for this position. Final offers are determined based on a myriad of factors including, but not limited to experience, skills, qualifications, and other relevant business considerations. Candidates are encouraged to discuss compensation expectations during the hiring process. In addition to base pay, the total compensation package includes eligibility and potential for performance-based bonuses and equity grants dependent upon the role and job level. 

OppFi offers a flexible, remote environment, 401(k) matching program, and generous paid time off. Other benefits include medical, dental, and vision coverage, and tuition reimbursement. Additional benefits include DoorDash DashPass, Figo pet insurance, Rocket Lawyer, and access to LinkedIn Learning. OppFi also offers Fringe, a lifestyle benefits platform that allows employees to decide how to spend rewards from dozens of vendors like Uber, DoorDash, and UrbanSitter. #LI-Remote

EEO Statement:

OppFi is an equal opportunity employer and does not discriminate based on any actual or perceived legally recognized protected bases under local, state, federal law, or regulations. Our goal as a company is to build an equitable workplace that actively works to dismantle systems of oppression in our processes, procedures, and interactions. We aim to help our employees thrive where they work and beyond. Check out our Culture page here.

As part of OppFi’s commitment to providing equal opportunity to qualified individuals, OppFi will ensure that persons with disabilities are provided reasonable accommodation as defined by applicable laws and organizational policies. If reasonable accommodation is needed to participate in the job application or interview processes or job requirements, please contact our People Team at recruiting@oppfi.com.

Pursuant to the requirements of the California Consumer Privacy Act, OppFi is providing the "OppFi California Employee Privacy Policy", which details the categories of personal information collected and your rights under the policy. If you are a California resident, please review the policy here: https://www.oppfi.com/careers/.

The information in this document is for general informational purposes only. It is not intended to be an all-inclusive list or description of the organization and its requirements for positions and employees. OppFi reserves the right to modify or change the information on this document at its discretion.