Senior Risk Engineer

About EarnIn

As one of the first pioneers of earned wage access, our passion at EarnIn is building products that deliver real-time financial flexibility for those with the unique needs of living paycheck to paycheck. Our community members access their earnings as they earn them, with options to spend, save, and grow their money without mandatory fees, interest rates, or credit checks.

We’re fortunate to have an incredibly experienced leadership team, combined with world-class funding partners like A16Z, Matrix Partners, DST, Ribbit Capital, and a very healthy core business with a tremendous runway. We’re growing fast and are excited to continue bringing world-class talent onboard to help shape the next chapter of our growth journey.

POSITION SUMMARY

We are looking for a passionate and motivated Senior Risk Engineer to join our Security Assurance team! You’ll make an impact on our rapidly growing product portfolio while we continuously take a risk-based approach to enable our business growth. You’ll be responsible for ensuring operational excellence for the security certification program and influencing the cybersecurity risk management program at a fast-growing FinTech company! You should have a natural sense of curiosity, a propensity for action, and a collaborative approach to problem-solving. You’ll be excited to collaborate and partner across our engineering organization and all parts of our business. You enjoy building and improving things, big & small projects. You prefer automating things and delighting your customers.

This is a hybrid position in Mountain View (Headquarters) and will require in-office work 2 days a week, with the potential for remote work. The base salary range for this full-time position is $164,200-$205,568, plus equity and benefits. Our salary ranges are determined by role, level, and location. EarnIn provides excellent benefits for our employees, including healthcare, internet/cell phone reimbursement, a learning and development stipend, and potential opportunities to travel to our Mountain View HQ.

WHAT YOU'LL DO

• Lead and own audit readiness for NIST CSF, AICPA SOC II Type 2, and PCI-DSS


• Own a cyber risk assessment and drive maturity in the third-party risk management program (TPRM)


• Support go-to-market and compliance teams by addressing security and compliance inquiries (e.g., responding to security questionnaires, RFPs, and due diligence requests).


• Operationalize the enterprise risk register and risk management across multiple business units.
  Establish and enforce security compliance-related processes and documentation.


• Automate processes and implement compliance-related tooling, drive adoption of Compliance as Code


• Execute and own excellence of operational tasks.

WHAT WE'RE LOOKING FOR

• 4+ years of experience defining, measuring, and maturing a compliance program required (5+ years strongly preferred)


• Bachelor’s, or equivalent industry experience


• Risk-approach mindset to enable the business and growth


• Ability to manage multiple concurrent priorities in a fast-paced environment


• Experience operationalizing risk assessment frameworks and implementing risk management programs


• Demonstrated experience with at least three security control frameworks, such as PCI-DSS, SOC II Type 2, NIST, ISO 27001, FFIEC, SOX, etc.


• Demonstrated experience with building and automating processes and controls


• Understanding of key cloud-based security platforms, including but not limited to: AWS, OKTA, Cloudflare, SIEM, CrowdStrike, Vanta, Cycode, JAMF, InTune, etc.


• Familiarity with key security processes, including but not limited to Vulnerability Management, Risk Management, Identity and Access Governance, Change Management, CI/CD, Detection and Response, BCP/DR,


• Strong analytical skills with the ability to translate data insights into actionable recommendations for leadership.


• Experience in mapping, redesigning, and optimizing business processes to align with security, privacy, and compliance requirements.


• Adept at building trust and fostering collaboration across technical and non-technical stakeholders.

#LI-Remote

At EarnIn, we believe that the best way to build a financial system that works for everyday people is by hiring a team that represents our diverse community. Our team is diverse not only in background and experience but also in perspective. We celebrate our diversity and strive to create a culture of belonging. EarnIn does not unlawfully discriminate based on race, color, religion, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), gender identity, gender expression, national origin, ancestry, citizenship, age, physical or mental disability, legally protected medical condition, family care status, military or veteran status, marital status, registered domestic partner status, sexual orientation, genetic information, or any other basis protected by local, state, or federal laws. EarnIn is an E-Verify participant.

EarnIn does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to our hiring managers or HR team.