Oportun. Inc

Sr. Security Analyst - CSOC

Req No.
Regular Full-Time
Remote / WFH
Job Locations

Company Overview


Oportun (Nasdaq: OPRT) is a financial services company and digital platform that provides responsible consumer credit to hardworking people. Using A.I.-driven models that are built on years of proprietary customer insights and billions of unique data points, we have extended millions of loans and billions in affordable credit, providing our customers with alternatives to payday and auto title loans. In recognition of our responsibly designed products which help consumers build their credit history, we have been certified as a Community Development Financial Institution (CDFI) since 2009.



Since extending our first loan in 2006, Oportun has made over 4 million loans, totaling over $10 billion to hardworking low- and moderate-income individuals. In turn, Oportun has helped more than 905,000 people begin establishing the credit history required to enter the financial mainstream. At the same time, Oportun’s customers have saved an estimated $1.9 billion in interest and fees compared to the alternatives typically available to them.


Department Overview


Artificial Intelligence and a digital platform are essential to our ability to fulfill Oportun’s financially inclusive mission. The Technology team @ Oportun is dedicated to this mission which we enable by creating, delivering, and maintaining elegant, intuitive, and performant systems to support the needs of our customers and business partners.


The CSOC Sr Analyst is tasked with conducting the technical aspects of response operation for critical events, escalated by the Tier 1 CSOC. This includes immediate containment, investigation and management of remediation actions, as well as enhancing defenses with the new knowledge acquired throughout the response process.



  • Monitor and analyze traffic and events/alerts and advise on remediation actions.
  • Review and assess impact and remediation actions for incidents escalated by Tier 1.
  • Investigate intrusion attempts and perform in-depth analysis of exploits by correlating various sources and determining which system or data set is affected.
  • Follow standard operating procedures for detecting, classifying, and reporting incidents.
  • Demonstrate network expertise to support timely and effective decision making of when to declare an incident.
  • Conduct proactive threat research.
  • Analyze a variety of network and host-based security appliance logs (EDR, Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
  • Independently follow procedures to identify, contain, analyze, document and eradicate malicious activity.
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
  • Escalate information regarding intrusion events, security incidents, and other threat indicators and warning information to the client.
  • Track trends and configure systems as required to reduce false positives from true events.
  • Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions.
  • Provide written analysis for reports on an as-needed basis.
  • Modify use cases and manage tuning.


  • Ability to communicate efficiently with internal team members at all levels and across functional and organizational boundaries.
  • Working knowledge of the TCP/IP suite of protocols.
  • Conceptual knowledge of network and systems architecture.
  • Familiarity with Intrusion Detection Systems configuration and operation.
  • Web application architecture.
  • Active Directory Solid understanding of how major application layer protocols function (e.g., HTTP, SMTP, DNS).
  • Knowledge of categories of malware and how they function (e.g., rootkits, trojans, adware, exploits, fileless).
  • Organizational skills and time management/prioritization.
  • Comfortable working against deadlines in a fast-paced environment.
  • Experience in SIEM configuration and use across the response lifecycle.
  • At least 1 year of prior SOC experience (can include internships).




Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed