ABOUT OUR COMPANY:
Over the years, our mission has expanded to include helping people with other forms of debt - such as refinancing credit cards, which are at all time highs in the US. And we’ve been able to refinance $4+ Billion in loans through our network of Splash, powered credit union and bank partners who leverage our marketplace and automated loan processing technology. And we’ve raised over $70 million from investors like partners of DST Global, Citi Ventures, TruStage Ventures, Northwestern Mutual Future Ventures, Detroit Venture Partners and more.
But at our core, we’re still that little company from Cleveland with a big dream: to make people more powerful than their debt and we’re just getting started..
ABOUT OUR WORKPLACE:
We’re friendly, folksy, and have Slack channels for both #kids-and-pets and #food. We’re good people who want to make a difference in the financial landscape, and we approach tackling challenges with creativity, passion and urgency.
ABOUT THE ROLE:
Splash Financial is seeking a Staff Security Engineer that will serve as a key pillar in elevating our cybersecurity posture, ensuring the protection of business and customer data, and leading efforts to meet and exceed compliance requirements. This individual will leverage deep technical expertise to architect, implement, and maintain robust security frameworks, tools, and processes across the organization. This role is for you if you have a passion for security, and are interested in making a tremendous impact across our products and teams.
WHAT YOU’LL DO AT SPLASH:
- Develop and implement DLP strategies and tooling to prevent unauthorized access and exfiltration of sensitive data.
- Optimize the use of our SIEM tooling, ensuring it delivers full value through customized monitoring, alerting, and incident response capabilities.
- Conduct regular training for the security team to enhance in-house expertise.
- Design and deploy a comprehensive vulnerability management program, including periodic scanning, risk assessment, and prioritization for remediation.
- Lead security risk assessment efforts, identifying, evaluating, and reporting risks to executive leadership.
- Develop strategies for risk mitigation or acceptance, ensuring informed decision-making at the executive level.
- Enhance the existing incident response framework, focusing on security-specific scenarios requiring specialized expertise.
- Regularly conduct cybersecurity maturity assessments to identify gaps and areas for improvement.
- Implement and maintain cybersecurity frameworks that align with business goals and compliance requirements.
- Develop and maintain dashboards and reports for real-time visibility into the security posture.
- Work closely with compliance teams to ensure ongoing adherence to all relevant security standards and regulations.
- Develop and oversee comprehensive security training and awareness programs, including PII handling, password management, and anti-phishing campaigns.
WHAT YOU’LL BRING TO SPLASH:
- Proven experience in security engineering, including DLP, SIEM, vulnerability management, and incident response.
- Strong understanding of compliance frameworks (SOC2, PCI, ISO 27001) and experience leading certification efforts.
- Excellent communication skills for effective risk communication, training delivery, and cross-departmental collaboration.
- Strategic thinker with the ability to translate security needs into actionable plans and solutions.
BENEFITS:
- Comprehensive and affordable insurance benefits
- Unlimited paid time off policy
- 401(k) enrollment
- 9 paid company holidays
- Paid parental leave
Employment at Splash is based on individual merit. Opportunities are open to all, without regard to race, color, religion, sex, creed, age, handicap, national origin, ancestry, military status, veteran status, medical condition, marital status, sexual orientation, affectional preference, or other irrelevant factors. Splash is an equal opportunity employer.
