Sr. Information Security Engineer

Concora Credit Inc.•Beaverton, OR

About The Position

As a Sr. Information Security Engineer, you’ll help drive Concora Credit’s Mission to enable customers to Do More with Credit – every single day. The impact you’ll have at Concora Credit: In your role, you will work as part of an IT Information Security Team in an agile environment. This senior-level position is a technical, hands-on, role. Your focus will be on administration, implementation support, incident response, control monitoring, best practice guidance, and security compliance support. We hire people, not positions. That's because, at Concora Credit, we put people first, including our customers, partners, and Team Members. Concora Credit is guided by a single purpose: to help non-prime customers do more with credit. Today, we have helped millions of customers access credit. Our industry leadership, resilience, and willingness to adapt ensure we can help our partners responsibly say yes to millions more. As a company grounded in entrepreneurship, we're looking to expand our team and are looking for people who foster innovation, strive to make an impact, and want to Do More! We’re an established company with over 20 years of experience, but now we’re taking things to the next level. We're seeking someone who wants to impact the business and play a pivotal role in leading the charge for change.

Requirements

6+ years of experience in Application Security, Secure Software Development, or related fields.
Bachelor’s degree, applicable certification, or equivalent experience.
Working knowledge of information security control technologies, including EDR, access control, cryptography, vulnerability management, SIEM/log management, ID/IPS, DLP, and more.
Working knowledge of network protocols, desktops, laptops, DNS, and networking devices - servers, routers, VPNs, proxies, firewalls.
Proven capability to take ownership of delegated initiatives with limited initial direction, using sound judgment to clarify scope, drive progress, and act as a trusted representative of the team.
Demonstrated ability to translate security and compliance requirements into practical, business-aligned solutions that manage risk without unnecessarily impeding operations.
Strong written and verbal communication and presentation skills, including the ability to discuss technical topics with a non-technical audience.

Nice To Haves

Strong CLI and scripting language experience.
Deep understanding of security frameworks such as NIST, ISO/IEC 27000 series, PCI-DSS, FedRamp and CSA.
Demonstrated experience in security incident response in a SOC, computer forensics, and incident response.
Working knowledge of security architecture for cloud/hybrid systems, specifically Azure.
Excellent conceptualization, analytical, logic, and documentation skills.
Experience in the financial services or servicing operations sectors is desirable.

Responsibilities

Identify new and novel ways to address information security challenges in the Concora environment.
Develop secure solutions for new and existing systems, ensuring alignment with organizational security standards, regulatory requirements, and business goals.
Lead the design, implementation, and optimization of enterprise security controls across on-prem, cloud, and hybrid environments.
Represent Information Security as a member of various Enterprise Project teams from ideation through delivery and ensure security requirements and principles are embedded in new designs and solutions.
Act as a senior resource and escalation point for less experienced staff for engineering, support, and troubleshooting efforts.
Serve as a subject matter expert for threat modeling, risk assessments, and secure design reviews for critical infrastructure, applications, and cloud workloads.
Develop and maintain advanced security automation, integrations, and tooling to improve detection, response, and overall security posture.
Evaluate, select, and deploy new security technologies; lead POCs and drive vendor assessments to support strategic security initiatives.
Collaborate with architecture, DevOps, and IT operations teams to embed security early in the system and application life cycle.
Establish and maintain security baseline configurations, hardening standards, and technical policies across endpoints, servers, networks, and cloud services.
Develop advanced SIEM, EDR, and logging strategies, including correlation rules, detection engineering, and response playbooks.
Manage complex security projects, ensuring timely delivery, technical quality, and cross-team alignment.
Demonstrate and champion the use of automation and scripting capabilities to deploy, manage, and maintain information security capabilities.
Conduct information security risk assessments and security compliance audits on systems and services.
Maintain awareness and knowledge of contemporary security laws, standards, practices, and methods.
Other duties as assigned.
These duties must be performed with or without reasonable accommodation.

Benefits

Medical, Dental and Vision insurance for you and your family
Relax and recharge with Paid Time Off (PTO)
6 company-observed paid holidays, plus 3 paid floating holidays
401k (after 90 days) plus employer match up to 4%
Pet Insurance for your furry family members
Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App
We invest in your future through Tuition Reimbursement
Save on taxes with Flexible Spending Accounts
Peace of mind with Life and AD&D Insurance
Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability