SOC Analyst

Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings. We are seeking a Security Operations Center (SOC) Analyst to join our cybersecurity team and help protect our cloud infrastructure and enterprise systems. The role involves triaging alerts, conducting threat analysis, and contributing to continuous improvement of detection and response capabilities, leveraging Splunk Enterprise Security (ES) as the primary SIEM.

Must Have

• Monitor, analyze, and respond to security events and incidents using Splunk Enterprise Security.
• Investigate alerts from multiple security sources including AWS CloudTrail, GuardDuty, Palo Alto Networks firewalls, Okta, CrowdStrike Falcon, Netskope, and Wiz.
• Correlate logs and telemetry across cloud and on-prem environments to identify potential threats or policy violations.
• Develop and fine-tune correlation rules, dashboards, and alerts in Splunk ES.
• Participate in incident response processes including containment, eradication, and recovery.
• Document incidents, root cause analyses, and lessons learned to strengthen operational playbooks.
• Assist in maintaining SOC processes aligned with SOC 1/SOC 2 and PCI DSS compliance frameworks.
• Collaborate with IT, DevOps, and Engineering teams to harden infrastructure and improve detection fidelity.
• 3+ years of experience in a SOC analyst or cybersecurity operations role.
• Expertise in Splunk Enterprise Security (ES) or similar SIEM platforms.
• Strong understanding of AWS services including CloudTrail, GuardDuty, and IAM.
• Hands-on experience with Palo Alto Networks firewalls and security policies.
• Hands-on experience with Okta identity and access management.
• Hands-on experience with CrowdStrike Falcon endpoint detection and response.
• Hands-on experience with Wiz cloud security posture management.
• Familiarity with SOC 1/2 and PCI DSS compliance requirements.
• Solid background in IT systems administration, including Windows, Linux, and networking fundamentals.
• Demonstrated ability to work collaboratively in a security team environment.
• Strong analytical, communication, and documentation skills.

Good to Have

• Industry certifications such as Splunk Certified Power User / ES Analyst, CompTIA Security+, GSEC, GCIA, or AWS Security Specialty.
• Experience with automation/orchestration tools (e.g., SOAR, Python scripting).
• Knowledge of threat intelligence and MITRE ATT&CK framework.
• 3+ years in IT administration to have a foundational understanding of Enterprise IT systems.

Perks & Benefits

• Company equity in the form of Stock Options
• Performance-based bonuses
• Generous employer-paid health, vision and dental insurance coverage
• Flexible vacation policy
• Educational assistance
• Free gym membership
• Casual dress code
• Team building events and activities
• Remote work arrangements/ flexible work schedule
• Paid parental leave

Self Financial is a venture-backed, high-growth FinTech company with a mission to increase economic inclusion and financial resilience by empowering people to build credit and build savings.

We're looking for people who share our passion and are driven to tackle challenges, find solutions and make the financial space better for the communities we serve.

Our team is passionate about challenging the status quo of the credit industry by providing people accessible tools to take control of their credit. Executing on our mission requires deep collaboration across our teams to ensure our products reach the people who can benefit from them the most, particularly the 100 million+ Americans who have no or low credit.

We celebrate diversity and are committed to creating an inclusive environment for all employees. To that end, we seek to recruit, develop and retain the most talented people from a diverse candidate pool.

About the Role

We are seeking a Security Operations Center (SOC) Analyst to join our cybersecurity team and help protect our cloud infrastructure and enterprise systems. The ideal candidate will have hands-on experience working in a SOC environment, leveraging Splunk Enterprise Security (ES) as the primary SIEM to monitor, detect, and respond to security incidents. A strong background in Enterprise IT is preferred, as this knowledge will be key in helping to analyze alerts and logging.

You will play a critical role in triaging alerts, conducting threat analysis, and contributing to continuous improvement of our detection and response capabilities.

Key Responsibilities

• Monitor, analyze, and respond to security events and incidents using Splunk Enterprise Security.
• Investigate alerts from multiple security sources including AWS CloudTrail, GuardDuty, Palo Alto Networks firewalls, Okta, CrowdStrike Falcon, Netskope, and Wiz.
• Correlate logs and telemetry across cloud and on-prem environments to identify potential threats or policy violations.
• Develop and fine-tune correlation rules, dashboards, and alerts in Splunk ES.
• Participate in incident response processes including containment, eradication, and recovery.
• Document incidents, root cause analyses, and lessons learned to strengthen operational playbooks.
• Assist in maintaining SOC processes aligned with SOC 1/SOC 2 and PCI DSS compliance frameworks. Assist in audit evidence collection and documentation in defense of audit requirements.
• Collaborate with IT, DevOps, and Engineering teams to harden infrastructure and improve detection fidelity.
• Support continuous improvement of threat detection, response workflows, and automation initiatives.

Required Skills & Qualifications

• 3+ years of experience in a SOC analyst or cybersecurity operations role.
• Expertise in Splunk Enterprise Security (ES) or similar SIEM platforms.
• Strong understanding of AWS services including CloudTrail, GuardDuty, and IAM.
• Hands-on experience with:
• Palo Alto Networks firewalls and security policies
• Okta identity and access management
• CrowdStrike Falcon endpoint detection and response
• Wiz cloud security posture management
• Familiarity with SOC 1/2 and PCI DSS compliance requirements.
• Solid background in IT systems administration, including Windows, Linux, and networking fundamentals.
• Demonstrated ability to work collaboratively in a security team environment.
• Strong analytical, communication, and documentation skills.

Preferred Qualifications

• Industry certifications such as Splunk Certified Power User / ES Analyst, CompTIA Security+, GSEC, GCIA, or AWS Security Specialty.
• Experience with automation/orchestration tools (e.g., SOAR, Python scripting).
• Knowledge of threat intelligence and MITRE ATT&CK framework.

+3 years in IT administration to have a foundational understanding of Enterprise IT systems.

Base salary range: $76,000-112,000 annually. Individual pay is based on factors unique to each candidate, including skill set, experience, location, and other job-related reasons.

Benefits and Perks:

We have the compensation and benefits you expect. But there's one thing that Self Financial can offer that many companies cannot: we can positively change the world, while making a profit. We are a team of Builders, empowering our customers to build their dreams. We have a Do the Right Thing ethos in all that we do, and we hope you value that approach, too.

Our perks include:

• Company equity in the form of Stock Options
• Performance-based bonuses
• Generous employer-paid health, vision and dental insurance coverage
• Flexible vacation policy
• Educational assistance
• Free gym membership
• Casual dress code
• Team building events and activities
• Remote work arrangements/ flexible work schedule
• Paid parental leave

Self Financial requires all employees hired to successfully pass a background check.

We are an Equal Opportunity Employer.

At this time, we are only able to consider applicants who are U.S. Citizens or Green Card Holders for employment opportunities. We appreciate your understanding.