Oportun

Senior Information Security Analyst

Oportun

full-time

Posted on:

Location Type: Remote

Location: India

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Cyber SecurityJavaPython

About the role

  • Conduct security risk assessments across infrastructure, applications, and other enterprise assets.
  • Identifies and explains top risk drivers; scopes data-driven prioritization.
  • Translate technical risks into business terms and advise stakeholders on appropriate risk mitigation strategies.
  • Perform risk quantification analysis. Analyze the risk impact, vulnerability gaps, threat modeling, and control gaps.
  • Support and enhance the implementation of cybersecurity risk management frameworks (NIST CSF, CIS Controls).
  • Collaborate with IT, Engineering, Legal, and Compliance teams to ensure secure and compliant operations.
  • Contribute to in-house developed applications with an emphasis on Java environments. Executes clean, reusable code and performs Quality Control on own work.
  • Contribute to the development and maintenance of the organization's information security policies, standards, and procedures. Modifies logic, metrics, or models to better reflect business needs.
  • Contribute to the information security education of enterprise users through risk management activities.
  • Contribute to the continuous improvement of the information security risk management program.

Requirements

  • 5+ years of experience in information security with at least 2 years focused on risk assessments.
  • Strong understanding of information security principles, practices, and technologies.
  • Proven experience conducting risk assessments and control assurance reviews.
  • Solid understanding and application of NIST CSF and/or CIS Controls.
  • Familiarity with regulatory standards and compliance frameworks (e.g., SOC 2, PCI-DSS).
  • Security operation experience on operating security tools that detecting security threats or vulnerabilities.
  • Great communication skills with the ability to explain technical risks to non-technical audiences. Shapes analyses with cross-functional input; advises on data-driven goals.
  • Strong analytical, documentation, and reporting skills. Builds and shares reusable templates and dashboard modules. Links insight delivery to broader organizational metrics and risks.
  • Experience with coding (prefer Java or Python).
  • Self-motivated and disciplined with a proven ability to work independently in a remote work environment, including managing time effectively, maintaining communication, and delivering results without close supervision.
Benefits
  • Competitive compensation and benefits package
  • A collaborative team environment focused on innovation and risk reduction
  • Top workplace with state-of-the-art technologies and processes.
  • Opportunities for continued learning and career growth.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
risk assessmentsrisk quantification analysisthreat modelingJavaPythoncybersecurity risk management frameworksNIST CSFCIS Controlscontrol assurance reviewssecurity tools
Soft Skills
communication skillsanalytical skillsdocumentation skillsreporting skillsself-motivateddisciplinedindependent worktime managementcollaborationadvisory skills