SoFi
Join to apply for the
InfoSec Control Automation Specialist
role at
SoFi Join to apply for the
InfoSec Control Automation Specialist
role at
SoFi Get AI-powered advice on this job and more exclusive features. This range is provided by SoFi. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$99,200.00/yr - $148,800.00/yr Employee Applicant Privacy Notice
Who we are:
Shape a brighter financial future with us.
Together with our members, we’re changing the way people think about and interact with personal finance.
We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way.
Join us to invest in yourself, your career, and the financial world.
Role Summary
The GRC Control Automation Specialist automates cybersecurity compliance, reducing manual effort and increasing audit reliability. This role blends risk management, cybersecurity operations, and automation engineering to streamline evidence collection and control validation, crucial for SoFi’s growth and regulatory demands. The specialist will also manage due diligence inquiries, leveraging automation platforms to scale operations and accelerate business opportunities.
Collaboration with control owners, engineers, and audit teams is key to identifying automation opportunities, implementing scripts or integrations, and validating outputs against frameworks like PCI DSS, SOX, and SOC 2. This position supports continuous control monitoring and audit Readiness.
What You’ll Do
Automate manual cybersecurity and compliance controls and administration of the compliance automation platform for audit support (e.g.,SOC 2, SOX, PCI DSS). Develop automated control mechanisms (e.g., scripts, APIs, policy checks), integrating validation logic into CI/CD pipelines, cloud environments, and endpoint tools. Enable continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce auditable evidence. Support internal and external audits by providing access to accurate automated evidence and system logs. Develop dashboards visualizing compliance status and resolve platform integration errors. Analyze automated test gaps, distinguishing false positives from true findings, and driving remediation. Manage the Inbound Due Diligence platform to automate security questionnaire responses, ensuring accuracy and updating Trust Centers. As required, collaborate with business and other stakeholders to collect security questionnaire responses. Maintain a control automation backlog and document all automated control logic.
What You’ll Bring
Bachelor's degree or equivalent experience. 3–5+ years in cybersecurity, GRC, compliance operations, or DevSecOps. Experience with GRC and compliance automation platforms (e.g., Anecdotes, Drata,
Vanta, Safebase).
Strong knowledge of security frameworks (e.g., PCI DSS, SOX, GLBA, ISO 27001, NIST CSF, SOC 2). Familiarity with SIEM, cloud platforms (AWS, GCP), IaC, and scripting (Terraform, Python). Foundational knowledge of cloud architecture and cybersecurity principles. Strong analytical and troubleshooting skills, with an eye for efficiency and risk reduction. Exceptional organizational skills, attention to detail, and ability to manage multiple projects. Excellent documentation, collaboration, and communication skills. Experience managing third-party due diligence or security questionnaires.
Nice to Have
Direct experience with external auditors and regulatory bodies. Professional certifications (e.g., CISA, CRISC, AWS Solutions Architect, cloud security). Experience in fintech or financial services. Hands-on experience with API integrations or light scripting.
Compensation And Benefits
The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate’s experience, skills, and location.
To view all of our comprehensive and competitive benefits, visit our
Benefits at SoFi
page!
SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.
The Company hires the best qualified candidate for the job, without regard to protected characteristics.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
New York applicants: Notice of Employee Rights
SoFi is committed to embracing diversity. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email accommodations@sofi.com.
Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.
Internal Employees
If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles. Seniority level
Seniority level Not Applicable Employment type
Employment type Full-time Job function
Job function Accounting/Auditing and Finance Referrals increase your chances of interviewing at SoFi by 2x Sign in to set job alerts for “Controller” roles.
Salt Lake City Metropolitan Area 5 days ago Director of Accounting and Finance (Remote)
Salt Lake City, UT $150,000.00-$180,000.00 2 months ago Salt Lake City Metropolitan Area $120,000.00-$170,000.00 45 minutes ago Salt Lake City, UT $55.00-$73.00 1 month ago Salt Lake City, UT $185,000.00-$220,000.00 4 days ago Salt Lake City Metropolitan Area $125,000.00-$175,000.00 5 days ago Park City, UT $160,000.00-$190,000.00 1 week ago Sandy, UT $160,000.00-$200,000.00 3 days ago Salt Lake City Metropolitan Area 2 weeks ago Salt Lake City Metropolitan Area $110,000.00-$120,000.00 1 day ago Controllers - Analytics & Reporting, Associate - Salt Lake City
Lehi, UT $75,400.00-$161,000.00 1 week ago Salt Lake City, UT $120,000.00-$140,000.00 1 day ago Salt Lake City, UT $130,000.00-$160,000.00 1 month ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
InfoSec Control Automation Specialist
role at
SoFi Join to apply for the
InfoSec Control Automation Specialist
role at
SoFi Get AI-powered advice on this job and more exclusive features. This range is provided by SoFi. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$99,200.00/yr - $148,800.00/yr Employee Applicant Privacy Notice
Who we are:
Shape a brighter financial future with us.
Together with our members, we’re changing the way people think about and interact with personal finance.
We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way.
Join us to invest in yourself, your career, and the financial world.
Role Summary
The GRC Control Automation Specialist automates cybersecurity compliance, reducing manual effort and increasing audit reliability. This role blends risk management, cybersecurity operations, and automation engineering to streamline evidence collection and control validation, crucial for SoFi’s growth and regulatory demands. The specialist will also manage due diligence inquiries, leveraging automation platforms to scale operations and accelerate business opportunities.
Collaboration with control owners, engineers, and audit teams is key to identifying automation opportunities, implementing scripts or integrations, and validating outputs against frameworks like PCI DSS, SOX, and SOC 2. This position supports continuous control monitoring and audit Readiness.
What You’ll Do
Automate manual cybersecurity and compliance controls and administration of the compliance automation platform for audit support (e.g.,SOC 2, SOX, PCI DSS). Develop automated control mechanisms (e.g., scripts, APIs, policy checks), integrating validation logic into CI/CD pipelines, cloud environments, and endpoint tools. Enable continuous control monitoring (CCM) by developing reusable logic and ensuring automated controls produce auditable evidence. Support internal and external audits by providing access to accurate automated evidence and system logs. Develop dashboards visualizing compliance status and resolve platform integration errors. Analyze automated test gaps, distinguishing false positives from true findings, and driving remediation. Manage the Inbound Due Diligence platform to automate security questionnaire responses, ensuring accuracy and updating Trust Centers. As required, collaborate with business and other stakeholders to collect security questionnaire responses. Maintain a control automation backlog and document all automated control logic.
What You’ll Bring
Bachelor's degree or equivalent experience. 3–5+ years in cybersecurity, GRC, compliance operations, or DevSecOps. Experience with GRC and compliance automation platforms (e.g., Anecdotes, Drata,
Vanta, Safebase).
Strong knowledge of security frameworks (e.g., PCI DSS, SOX, GLBA, ISO 27001, NIST CSF, SOC 2). Familiarity with SIEM, cloud platforms (AWS, GCP), IaC, and scripting (Terraform, Python). Foundational knowledge of cloud architecture and cybersecurity principles. Strong analytical and troubleshooting skills, with an eye for efficiency and risk reduction. Exceptional organizational skills, attention to detail, and ability to manage multiple projects. Excellent documentation, collaboration, and communication skills. Experience managing third-party due diligence or security questionnaires.
Nice to Have
Direct experience with external auditors and regulatory bodies. Professional certifications (e.g., CISA, CRISC, AWS Solutions Architect, cloud security). Experience in fintech or financial services. Hands-on experience with API integrations or light scripting.
Compensation And Benefits
The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate’s experience, skills, and location.
To view all of our comprehensive and competitive benefits, visit our
Benefits at SoFi
page!
SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law.
The Company hires the best qualified candidate for the job, without regard to protected characteristics.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
New York applicants: Notice of Employee Rights
SoFi is committed to embracing diversity. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email accommodations@sofi.com.
Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time.
Internal Employees
If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles. Seniority level
Seniority level Not Applicable Employment type
Employment type Full-time Job function
Job function Accounting/Auditing and Finance Referrals increase your chances of interviewing at SoFi by 2x Sign in to set job alerts for “Controller” roles.
Salt Lake City Metropolitan Area 5 days ago Director of Accounting and Finance (Remote)
Salt Lake City, UT $150,000.00-$180,000.00 2 months ago Salt Lake City Metropolitan Area $120,000.00-$170,000.00 45 minutes ago Salt Lake City, UT $55.00-$73.00 1 month ago Salt Lake City, UT $185,000.00-$220,000.00 4 days ago Salt Lake City Metropolitan Area $125,000.00-$175,000.00 5 days ago Park City, UT $160,000.00-$190,000.00 1 week ago Sandy, UT $160,000.00-$200,000.00 3 days ago Salt Lake City Metropolitan Area 2 weeks ago Salt Lake City Metropolitan Area $110,000.00-$120,000.00 1 day ago Controllers - Analytics & Reporting, Associate - Salt Lake City
Lehi, UT $75,400.00-$161,000.00 1 week ago Salt Lake City, UT $120,000.00-$140,000.00 1 day ago Salt Lake City, UT $130,000.00-$160,000.00 1 month ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr