Description

Sunbit builds financial technology for real life. Our technology eases the stress of paying for life’s expenses by giving people more options on how and when they pay. Founded in 2016, Sunbit offers a next-generation, no-fee credit card that can be managed through a powerful mobile app, as well as a point-of-sale payment option available at more than 21,000 service locations, including auto dealership service centers, optical practices, dental offices, veterinary clinics, and specialty healthcare services. Sunbit was included on the 2022 Inc. 5000 list. The financial technology company has also been named Sunbit as a Most Loved Workplace®, Best Point of Sale Company, and a Top Fintech Startup by CB Insights.

We use cutting-edge innovations in financial technology to bring leading data and features that allow individuals to be qualified instantly, making purchases at the point-of-sale fast, fair, and easy for consumers from all walks of life. We create value focused on our core values; we work tirelessly to ensure that Sunbit becomes available to everyone, everywhere.

We invite you to #UnleashyourCuriosity and join our ever-growing R&D organization.

Feel free to reach out with any questions!

About the Role

We're hiring our first Security Analyst to join Sunbit's newly formed Security Operations (SecOps) team, reporting directly to the SecOps Team Lead. SecOps is the single point of contact and accountability for all security operational pipelines at Sunbit — we orchestrate, track, and ensure completion of security work across the organization, partnering with Engineering, IT, GRC, and application teams who execute the hands-on technical work.

This is a ground-floor opportunity: you will help build the pipelines, playbooks, dashboards, and automations that power security operations at Sunbit. Our mandate is to cover a broad security domain with a lean team — that is only achievable through aggressive automation, streamlined workflows, and self-service capabilities.

What You'll Do

Daily Operations

• Triage security alerts and classify them per our severity framework

• Monitor dashboards for tool health, alert volume, and anomalies

• Run ad hoc reviews and checks

• Document incidents and maintain incident timelines

Pipeline Tracking & Follow-Up

• Assign remediation tasks to domain owners via Jira and track them to closure

• Track SLA compliance, send reminders, and escalate overdue items

• Maintain pipeline status dashboards and generate status reports

• Escalate blockers and non-responsive owners to the Team Lead

Automation & Continuous Improvement

• Implement automations designed with the Team Lead — scan-to-ticket pipelines, alert enrichment, evidence collection, notification workflows

• Identify repetitive manual tasks and propose automation ideas

• Maintain and update runbooks and playbooks

Requirements

Understanding of common security threats, vulnerabilities, and controls

• Experience with SIEM platforms or alert triage workflows

• Comfort with Jira (or similar) for managing work items end-to-end

• Clear written communication for status reports and cross-functional follow-ups

• Basic understanding of cloud environments (GCP, AWS)

Nice to Have

• Security certification (CompTIA Security+ or similar)

• Familiarity with specific tools (CrowdStrike, Okta, n8n, etc)

• Experience building dashboards

• Experience with workflow automation platforms (n8n, Tines, SOAR)

• Hands-on cloud security experience

• Experience working cross-functionally with Engineering, IT, or GRC teams

Why This Role Is Different

• Hire #1 on a new team - real influence on how SecOps is built at Sunbit

• Broad exposure across monitoring, incident response, vulnerability management, identity, compliance, and security reviews

• Automation-first culture - your work directly reduces manual toil

• Direct mentorship from the SecOps Team Lead with a clear growth path as the team scales

Recruitment Fraud Disclaimer

We’ve been made aware of fraudsters impersonating Sunbit employees during the hiring process. Please note that all official communication will come from an @sunbit.com email address, through our applicant tracking platform @sunbit.comeet-notifications.com or directly via LinkedIn. We will never ask for your age, Social Security number, bank account details, payment of any kind, or other unrelated personal information during the application process. Our hiring process always includes interviews, either by phone, zoom, or in person, before any offer is made. If something feels suspicious, please contact us at HR to confirm. We ask that you contact HR only about potential instances of fraud. HR does not reach our recruiting team directly. Your application directly through the posting is the best way to ensure that your candidacy is reviewed by our team. Due to the volume of applications, we will not respond to nor forward emails about your candidacy that are sent to HR directly, and your email about your application will be deleted from our systems.