Oportun. Inc

Job Listings

Current Oportun Employees Please log into our internal application site here.

First Time Applicants Please click on the job title for more information, and apply from that page if you are interested.

Use this form to perform another job search

The system cannot access your location for 1 of 2 reasons:
  1. Permission to access your location has been denied. Please reload the page and allow the browser to access your location information.
  2. Your location information has yet to be received. Please wait a moment then hit [Search] again.
Click column header to sort

Search Results Page 1 of 2

• Develop and implement information security programs and security control assessment strategies • Responsible for creating and maintaining a risk register of cyber exceptions and vendor risk assessments for risk identification  • Write, manage, publish, and update all internal technical cyber governance documentation • Responsible for conducting risk analyses and security evaluations of Oportun systems and processes • Provides expertise for resolution and risk mitigation for identified risks • Integrate risk assessment processes and output into Oportun’s Security Exception program • Support the intake, triage, and processing of reported risks and identified gaps • Develops, tracks, and reports on Key Risk Indicators (KRIs) for information security risks • Monitors, tracks, and reports mitigation and resolution of information security risks • Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders. • Deliver customer first solutions optimized for Service Now and Jira ticketing, with triage, streamlined response, resolution measurement • Manage security controls involving password and access management, segregation of duties, logging and monitoring, data encryption, data backup and recovery, disaster recovery, business continuity management, etc. • Support cyber audit activities and management of cyber controls tools and platforms • Provide and oversee the periodic reporting on information security risks and gaps for compliance with the enterprise information security policies, standards, and procedures among employees, contractors, alliances, and other third parties • Ensure enterprise cybersecurity processes meet all industry regulations, standards, and compliance requirements
Req No.
2022-13090
Department
Security
Remote / WFH
Yes
Location
IN-Remote
Type
Regular Full-Time
  - Assist in design and integration of CI/CD security tooling such as SAST, SCA, etc. - Review and improve configuration of deployed tooling, leveraging Terraform - Investigate, analyze, plan and deploy cloud monitoring solutions within AWS - Implement security utilities and monitoring to improve observability and situational awareness - Partner with security operations team to improve their accessibility and maneuverability using devops tools - Assist in investigations and escalations during normal business hours - Assist in reviewing/editing/creating technology and security documentation
Req No.
2022-13089
Department
Security
Remote / WFH
Yes
Location
US-CA-San Carlos
Type
Regular Full-Time
- Support the Security Engagement & Education team with responsibilities that include: (1) Developing, implementing, and managing enterprise-wide cybersecurity awareness and training programs, (2) Leading external and internal cybersecurity communications, (3)  Establishing and maintaining standardized cybersecurity practices within the organization, and (4) Ensuring all employees and related resources know, understand, and adhere to Oportun security requirement - Support the developing and maintaining of internal Cyber Awareness, Training and Comms programs (including onboarding, annual security training, etc.) that align with the organization’s strategic plans and objectives - Support the development of clear and effective firm-wide communications regarding cybersecurity training, compliance, best practices, etc. - Support ensuring of internal security programs and practices meet all industry regulations, standards, and compliance requirements (e.g. GLBA, FFIEC, SOX, COBIT, ITIL, PCI-DSS, NIST, CIS Critical Security Controls, Regulation P, etc.)  - Support developing and executing response plans related to internal and external cyber incidents - Research and identify top human risks to the organization and the behaviors that must change to mitigate those risks - Suport developing and updating a metrics framework that can effectively measure firm-wide cybersecurity requirements - Support developing and maintaining training programs, certification roadmaps, etc. for security team members - Proactively inform and influence others in order to maintain the balance required between business needs, project partner strategy and standards, and financial requirements and budgets - Support Security Compass and SD Elements in the training of Secure Development Practices - Provide business units with the training and resources required to move security to the left - Synthesize and unify security communications across the organization and externally - Develop and maintain the SecEdu metrics and analytics program (i.e. training % completion) - Provide SecEdu advisory services to the organization (i.e. function-based security training)
Req No.
2022-13088
Department
Security
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time
• Collaboratively develop and communicate the vision and strategy for B2C IAM efforts. • Work alongside different security teams to tune control registration systems and meet the needs of business stakeholders • Design and implement core, high-performance, scalable software solutions • Develop, create, and modify Okta CIAM process and Workflows according to business needs • Analyze user needs and develop software solutions. • Ability to lead the development of technically complex new functionalities and work with other team members & business partners to deliver value through automation • Manage IAM services which includes identity lifecycle management, SSO, Access Management, Privileged Identity Management, Identity Access Governance. • Implement RBAC for defining application access • Develop integrations and automation to verify and validate deployed resources meet requirements through automated methods • Architect, implement and manage IAM services which includes Access Management, PAM, IGA. • Other duties as assigned
Req No.
2022-13087
Department
Security
Remote / WFH
Yes
Location
US-CA-San Carlos
Type
Regular Full-Time
- Assist in design and integration of CI/CD security tooling such as SAST, SCA, etc. - Review and improve configuration of deployed tooling, leveraging Terraform - Investigate, analyze, plan and deploy cloud monitoring solutions within AWS - Implement security utilities and monitoring to improve observability and situational awareness - Partner with security operations team to improve their accessibility and maneuverability using devops tools - Assist in investigations and escalations during normal business hours - Assist in reviewing/editing/creating technology and security documentation
Req No.
2022-13081
Department
Security
Remote / WFH
Yes
Location
MX-Remote
Type
Regular Full-Time
- The Sr. Change Analyst is a key member of the Change Management team, primarily focused on technical pre- and post-implementation review of changes to ensure regulatory compliance. - This is a hands-on technical role requiring technical understanding, diagnosis, and investigation, including reviewing applications, systems, logs, and events to ensure accurate documentation of changes and change impact. - Pre-implementation review will verify the technical accuracy of documentation and potential impact of changes are properly documented and tested prior to implementation in a Production environment. - Post-Implementation Review (PIR) will investigate changes, including logs, audit trails, event records, system configurations, and other technical artifacts, to create an independent technical audit of changes implemented on regulated systems. - Perform PIR on both successful and unsuccessful changes. - Ensure technical documentation on changes meets audit, regulatory and safeguard compliance requirements. - Access systems, as needed, to locate, collect, and review technical evidence needed to support PIR documentation. - Create PIR documentation for changes, validating changes were implemented in the Production environment as written, with no steps missing or added, and within the documented timeline. - Because PIR documentation will require reviewing multiple systems and technologies, a broad technical background with some experience with working with log files, scripting and/or coding is required. - Review change records against logs, audit trails, event records, system configurations, and other technical artifacts to ensure changes are being completed for changes. - Identify patterns or areas of change non-compliance and report them to the Change Manager to be escalated and addressed. - Identify opportunities for automation of change documentation, validation, testing, review, and/or approvals. Assist with the other normal processes within Change Management, including: • Review Request for Change (RFC) submissions by the change owner. • Assess the risk and impact of changes made to the production environment as part of change standardization. • Perform change auditing functions in support of governance and compliance requirements including, but not limited to, Sarbanes-Oxley Act (SOX), GrammLeach-Bliley Act (FTC Safeguard Rule), SOC1, SOC2, etc. • Facilitate Change Advisory Board (CAB) meetings. • Ensure all necessary communication; documentation and testing are done prior to approval. • Request for a review f rom technical peer who will ensure that all technical steps are appropriate and correct. • Approve or Deny the Request for Change based on Oportun Change Policy. • Processing, reviewing, categorizing, documenting, and working with stakeholders to ensure clarity of change requests to configuration items being af fected. • Coordinating with Testing and Release Management staf f to manage change requests through all phases of their lifecycle. • Managing change requests through all phases of their lifecycle. • Administering the change request queue to ensure processing thresholds are achieved. • Measuring change ef fectiveness and generating performance metrics regarding global change environment and activity. • Providing administrative support to the Change Approval Board (CAB) including agendas, meeting minutes and decision documentation and is a backup to facilitate CAB if the change manager is not available
Req No.
2022-13080
Department
Security
Remote / WFH
Yes
Location
MX-Remote
Type
Regular Full-Time
- Support the Security Engagement & Education team with responsibilities that include: (1) Developing, implementing, and managing enterprise-wide cybersecurity awareness and training programs, (2) Leading external and internal cybersecurity communications, (3)  Establishing and maintaining standardized cybersecurity practices within the organization, and (4) Ensuring all employees and related resources know, understand, and adhere to Oportun security requirement - Support the developing and maintaining of internal Cyber Awareness, Training and Comms programs (including onboarding, annual security training, etc.) that align with the organization’s strategic plans and objectives - Support the development of clear and effective firm-wide communications regarding cybersecurity training, compliance, best practices, etc. - Support ensuring of internal security programs and practices meet all industry regulations, standards, and compliance requirements (e.g. GLBA, FFIEC, SOX, COBIT, ITIL, PCI-DSS, NIST, CIS Critical Security Controls, Regulation P, etc.)  - Support developing and executing response plans related to internal and external cyber incidents - Research and identify top human risks to the organization and the behaviors that must change to mitigate those risks - Suport developing and updating a metrics framework that can effectively measure firm-wide cybersecurity requirements - Support developing and maintaining training programs, certification roadmaps, etc. for security team members - Proactively inform and influence others in order to maintain the balance required between business needs, project partner strategy and standards, and financial requirements and budgets - Support Security Compass and SD Elements in the training of Secure Development Practices - Provide business units with the training and resources required to move security to the left - Synthesize and unify security communications across the organization and externally - Develop and maintain the SecEdu metrics and analytics program (i.e. training % completion) - Provide SecEdu advisory services to the organization (i.e. function-based security training)
Req No.
2022-13079
Department
Security
Remote / WFH
Yes
Location
MX-GUA-Leon
Type
Regular Full-Time
- Support creation and modification for all access/credential requests (retail, corporate, contact centers), including activation, deactivation, and revocation - Manage all service-related requests and needs for security systems and technology, including tracking, internal ticket updates/resolution and working with internal stakeholders to facilitate on-site service schedules - Troubleshoots systems and technology issues working with end users, remote personnel, and vendors - Support internal operations with monitoring of access system alerting and proactively analyze data and identify areas of opportunity - Audit and validate access management programs (keys, card, and PIN records) on regular cadence per policies and standards - Assist in maintaining and driving Key Performance Indicators (KPIs) and system health metrics, including identifying methods for monitoring system health conditions of all physical security systems - Regularly reviews and reports on metrics related to physical security systems and technologies
Req No.
2022-13078
Department
Security
Remote / WFH
No
Location
MX-GUA-Leon
Type
Regular Full-Time
- Support creation and modification for all access/credential requests (retail, corporate, contact centers), including activation, deactivation, and revocation - Manage all service-related requests and needs for security systems and technology, including tracking, internal ticket updates/resolution and working with internal stakeholders to facilitate on-site service schedules - Troubleshoots systems and technology issues working with end users, remote personnel, and vendors - Support internal operations with monitoring of access system alerting and proactively analyze data and identify areas of opportunity - Audit and validate access management programs (keys, card, and PIN records) on regular cadence per policies and standards - Assist in maintaining and driving Key Performance Indicators (KPIs) and system health metrics, including identifying methods for monitoring system health conditions of all physical security systems - Regularly reviews and reports on metrics related to physical security systems and technologies
Req No.
2022-13077
Department
Security
Remote / WFH
No
Location
MX-GUA-Leon
Type
Regular Full-Time
- Demonstrable working knowledge of the Atlassian Technology Stack (Confluence, JIRA, & Bitbucket) – On Premise, Data Center environment. - Ability to perform ALL general administrative & development functions such as, but not limited to: user management, applying permissions, troubleshooting issues, creating out of the box components, configurations, maintenance, and support. - Experience with performing Atlassian software installations. - Plan, test, perform and support software installations, upgrades, migrations and add-ons on a regularly scheduled timeline. - Develop, maintain and conduct end user training as necessary (new upgrades, capabilities, features, etc.) and foster positive user adoption.  JIRA / CONFLUENCE / BITBUCKET - Assist users with Jira / Confluence / Bitbucket administration, configuration and customization requests while adhering to established best practices. - Jira – System & User Administration. Development & Configuration (Projects, Schemes, Security, Fields, Workflows, Filters, Reports, Dashboards, Integrations, Add-ons, etc.). - Confluence – System & User Administration. Development & Configuration (Spaces, Pages, Permissions, Restrictions, Integration, Add-ons, Security, etc.). - Bitbucket – System & User Administration. Bitbucket Project Management (Repositories Lifecycle, Permissions, Integration, Add-ons, Security, etc. PLATFORM SUPPORT - Participate in 24x7 on-call operations (rotating basis) and respond to issues, provide direction, and complete resolution efforts. - Strong optimization skills to improve performance, scalability, and usability OTHER - Provide timely (in-person/remote) support responses to customers, colleagues, peers and leadership on a regular basis for specific and general questions/issues. - Work with internal IT Support teams and other external groups to resolve technical issues. - Create, manage, document, and update tickets within the various ticketing systems (Jira, ServiceNow, etc.). - Perform analysis with key stakeholders, customers and team members to ensure requirements are captured, met, and the appropriate solutions are implemented. - Follow organizational and Agile standards/methodologies (Scrum/Kanban - sprint planning, retrospective, backlog, daily scrum, etc.). - Adhere to Change Management, Security, Compliance, Legal and Other policies, procedures and protocols.
Req No.
2022-13064
Department
Engineering
Remote / WFH
Yes
Location
MX-Remote
Type
Regular Full-Time
- Develop customer level response models, propensity models, risk models, and profitability models leveraging credit bureau and as well as alternate data for credit cards and personal loan products - Build a consumer centric marketing engine to optimize marketing spend for millions of prospects across multiple products (personal loans and credit cards) and channels (i.e. direct mail, digital marketing, partners, existing customers and aggregators) - Develop and automate pre-screen credit policy for prospects across different products and channels  - Lead initiatives to drive business value from start to finish including project planning, communication and stakeholder management - Lead discussions with compliance, bank partners and model risk management teams to facilitate the model governance activities such as model validations and monitoring. - Build experimental design-based testing framework for rapid experimentation and learning - Build end-to-end reusable ML pipelines from data acquisition to model output delivery - Design and build marketing data infrastructure by partnering with data and production engineering teams - Lead and mentor data scientists that solve business problems leveraging AI/ML - Communicate and partner with third party data vendors
Req No.
2022-13061
Department
Analytics
Remote / WFH
Yes
Location
IN-Remote
Type
Regular Full-Time
- Drive the development of Credit Card Origination fraud strategy and roadmap to leverage data and technology to manage fraud, ensuring customer experience and drive increased loan volumes - Lead the development of strategies, rules and the execution used in predicting and preventing fraud - Optimize vendor strategy – evaluating new vendors as well as feature engineering existing vendors – for better fraud prevention - Be able to put multiple hats to address key opportunities for the business – ranging from analyzing performance & making recommendations, analyzing & mitigating fraud ring attacks, & help optimize operational performance - Hands-on ability to extract & analyze data using SQL & Python - Share Credit Card origination fraud strategy vision with key stakeholders to obtain buy-in and to drive result focused execution - Collaborate with the data science team to develop the fraud models and translate those learnings into an actionable strategy - Develop key metrics to track the performance of fraud strategies and is accountable for meeting the set goals. - Identify new data sources and technology that can be used in improving fraud management by working with technology and data vendors - Collaborate with Engineering and product analytics team to improve fraud engine capabilities, and improve customer experience - Develop reporting and analysis used to monitor fraud trends and drive improvements in customer experience - Partner with the fraud manual review team in developing fraud review processes, managing staffing levels and meeting desired service levels
Req No.
2022-13048
Department
Risk Management
Remote / WFH
Yes
Location
US-MD-
Type
Regular Full-Time
- Drive the development of Credit Card Origination fraud strategy and roadmap to leverage data and technology to manage fraud, ensuring customer experience and drive increased loan volumes - Lead the development of strategies, rules and the execution used in predicting and preventing fraud - Optimize vendor strategy – evaluating new vendors as well as feature engineering existing vendors – for better fraud prevention - Be able to put multiple hats to address key opportunities for the business – ranging from analyzing performance & making recommendations, analyzing & mitigating fraud ring attacks, & help optimize operational performance - Hands-on ability to extract & analyze data using SQL & Python - Share Credit Card origination fraud strategy vision with key stakeholders to obtain buy-in and to drive result focused execution - Collaborate with the data science team to develop the fraud models and translate those learnings into an actionable strategy - Develop key metrics to track the performance of fraud strategies and is accountable for meeting the set goals. - Identify new data sources and technology that can be used in improving fraud management by working with technology and data vendors - Collaborate with Engineering and product analytics team to improve fraud engine capabilities, and improve customer experience - Develop reporting and analysis used to monitor fraud trends and drive improvements in customer experience - Partner with the fraud manual review team in developing fraud review processes, managing staffing levels and meeting desired service levels
Req No.
2022-13046
Department
Risk Management
Remote / WFH
Yes
Location
IN-Remote
Type
Regular Full-Time
- Forecast delinquencies and losses for various forecasting purposes (e.g., business planning, fair value, etc.) using forecasting models for Oportun’s consumer lending portfolios; communicate forecasting results along with assumptions and trends/changes in key drivers to executive management - Develop and implement loss forecasting models. Monitor model performance on an ongoing basis - Monitor and adjust assumptions used by model to ensure forecast accurately reflects changing trends - Report and interpret variances between different forecasts and variances between forecast and actual - Perform documentation and other controls in forecasting processes - Respond to internal/external auditors and/or regulators for audited or regulated forecasting processes - Manage cross functional communications with Risk Management, Collections and Financial Planning to incorporate strategic initiatives into forecast - Support Collections team in setting performance goals and planning staffing and expenses by providing delinquency and loss forecast - Support ad-hoc forecasting or analytical requests
Req No.
2022-13044
Department
Risk Management
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time
The prospective candidate’s responsibilities will also include the following:   - Ensure accuracy, analysis and timeliness of weekly and bi-weekly payroll processes. - Ensure the company’s payroll system is updated and working correctly. - Work on reconciliation of accounts, audits and analysis of operational data monthly to guarantee accuracy. - Provide appropriate explanations for variances in balance sheet accounts. - Ensure compliance with relevant laws and internal policies. - Supervise and coach payroll specialists. - Liaise with auditors and manage payroll tax audits. - Close collaboration with Finance, Accounts Payable and Cash teams. - Maintain accurate records and preparation of reports. - Suggest fresh ideas and to management in aspects such a organizing modification structure for personnel. - Resolve issues and answers payroll-related to all personnel. - Preparation of PBC and interaction with auditors. Assist in the implementation of new projects across the organization as required.  
Req No.
2022-13020
Department
Global Payroll
Remote / WFH
No
Location
MX-GUA-Leon
Type
Regular Full-Time
RESPONSIBILITIES:   - Perform independent model validation, annual model review, ongoing monitoring report review, required action item review/closure on the cutting-edge machine learning models. - Produce high-quality model validation reports, highlighting risks and limitations of the model in a concise manner. - Communicate to business audiences through verbal and written presentations describing the results of the validation findings and mitigation actions. - Work closely with business owner's/model users and developers to understand the business context for model use and facilitate the model approval process. - Stay up to date with regulatory expectations of model development, use, and validation activities. - Support Oportun’s the model risk management framework, including annual validation plans, model inventory, model risk ranking, and model risk governance. - Develop and maintain effective partnerships with key model stakeholders. - Support the coordination of model risk governance practices with the model users. - Attention to detail in both analytics and documentation.
Req No.
2022-13010
Department
Risk Management
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time
- Support for computer hardware and any authorized desktop software - When the restoration of service is beyond the scope of the Service Desk Agent he/she will escalate the issue/problem to proper tier 2 and 3 support team members with proper/required documentation. - Develop trends by monitoring and analyzing incoming calls, problems and support requests - Attend incoming requests and issues via all approved communication channels to ensure courteous, timely and effective resolution. - Logging of each request or incident into ServiceNow - Correct categorization and prioritization of tickets according to Priority Matrix - Identify and learn appropriate software and hardware, used and supported by the organization - Perform post-resolution follow ups to ensure fulfillment. - Reinforce SLAs to manage end-user expectations
Req No.
2022-13005
Department
Information Technology
Remote / WFH
Yes
Location
MX-GUA-Leon
Type
Regular Full-Time
- Help lead security service pods across Oportun’s Security organization  - Build high performing teams that deliver solutions to reduce risk, protect the business and enable growth  - Work with our Security functional leaders to fulfill our roadmap while delivering data driven security services to our internal customers  - Collect, analyze and report on security metrics using continuous automation     - Enable an agile and frictionless organization by demonstrating agile behaviors   - Provide security subject matter expertise to diverse teams through security consultation for risk analysis, remediation and solution development for countermeasures  - Align technical and operational compliance with Information Security policies, standards, and guidelines across the enterprise  - Foster a team culture that models inclusivity, diversity, transparency and delivery excellence 
Req No.
2022-12876
Department
Security
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time
- Help lead a security service pod within Oportun’s Security organization - Build a high performing team that deliver solutions to reduce risk, protect the business and enable growth - Work with our Security functional leaders to fulfill our roadmap while delivering data driven security services to our internal customers - Collect, analyze and report on security metrics using continuous automation - Enable an agile and frictionless organization by demonstrating agile behaviors - Provide security subject matter expertise to diverse teams through security consultation for risk analysis, remediation and solution development for countermeasures - Align technical and operational compliance with Information Security policies, standards, and guidelines across the enterprise - Foster a team culture that models inclusivity, diversity, transparency and delivery excellence
Req No.
2022-12875
Department
Security
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time
· Perform product security design reviews · Perform code reviews of large applications, manually and using static analysis tools · Teach/facilitate threat modeling to product teams · Document our CI/CD security requirements · Own the CI/CD security strategy and roadmap · Advocate the CI/CD security strategy and roadmap so leaders and partners know to allocate resources necessary to mature CI/CD in a coordinated manner · Document security requirements for code repositories · Own the code repository security strategy and roadmap · Document security strategy for protecting our product documentation. Ensure that the strategy is deployed and effective. · You will deliver meaningful results at an impressive pace while building relationships and strengthening our brand · You will speak plainly about opportunities for improvement in a way that encourages friendly dialogue · You will become famous for treating customers, employees, and partners with respect and dignity  
Req No.
2022-12874
Department
Security
Remote / WFH
Yes
Location
US-Remote
Type
Regular Full-Time