• Define, build, and refine mechanisms to secure AI systems (including self-hosted models, LLM APIs, agents, MCPs, and other core components of the AI stack) against adversarial behavior of all kinds • Understand technically complex AI systems, identify potential weaknesses in their architecture, and implement improvements • At least 50% of time performing hands-on remediation. Also working closely with peer engineers to drive remediations • Plan and carry out threat modeling activities and realistic threat simulations across our offerings • Conduct cybersecurity evaluations and lead AI security assessments in a cross-functional environment • Develop initiatives that improve our capabilities to effectively evaluate AI systems and enhance the organization's prevention, detection, response, and threat hunting capabilities • Provide guidance and education to developers to help deter and prevent threats

• Partner with infrastructure and engineering teams to embed security into development workflows and promote secure-by-default patterns • Build Terraform modules with built-in security guardrails, such as logging, encryption, and automated threat detection enablement • Deploy cloud-native detection capabilities using AWS GuardDuty, Security Hub, and custom detection rules to identify credential compromise, crypto-mining, and lateral movement • Maintain SOC 2 Type II and ISO 27001 compliance through automated collection of cloud control evidence • Conduct security audits of cloud resource configurations using tools like AWS Config and Open Policy Agent, and remediate deviations from CIS Benchmarks and our internal security policies • Secure CI/CD and supply chain pipelines by implementing controls such as artifact signing, secret scanning, and dependency monitoring • Apply zero trust principles through strict network segmentation, authentication, and authorization across our cloud environments • Participate in the security on-call rotation and respond to security alerts and incidents to ensure rapid mitigation and root cause analysis

Employee Applicant Privacy Notice Who we are: Shape a brighter financial future with us. Together with our members, we’re changing the way people think about and interact with personal finance. We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world. The role: SoFi is searching for an exceptionally experienced and proactive Physical Security Manager to lead all physical security operations at our Jacksonville office. This is a critical, high-impact, full-time, in-person role (M-F), essential for maintaining the safety of SoFi’s personnel, assets, and operational continuity. Reporting to the Physical Security Senior Manager, this key leader on the Global Security & Investigations Team will be instrumental in strategic planning, vendor management, incident response, internal investigations, executive protection, and coordinating with law enforcement and emergency responders. A paramount responsibility includes serving as an executive protection asset for the CEO and other senior executives when called upon. This role demands robust technical expertise, exceptional judgment, and the demonstrated ability to thrive in a dynamic, high-growth corporate environment. The successful candidate must maintain 24/7 on-call availability to address security incidents, medical emergencies, executive protection deployments, and threats to SoFi personnel or property. What you'll do: Define, execute, and align the long-term vision, strategy, and roadmap for Physical Security with company objectives. Manage third-party security vendors, including contracted personnel, integration partners, and software platforms. Provide operation support to the access control lifecycle: creation, troubleshooting, termination, and audit-ready recordkeeping. Maintain security system standards and assist with all required physical security hardware and software installations. Develop clear, actionable security status reports and visuals for senior leadership. Ensure timely completion and accurate tracking of all security-related projects. Assist in managing the Physical Security budget and ensuring timely processing of invoices. Draft and propose new security procedures and standards for leadership review. Serve as an executive protection asset for the SoFi CEO and other senior leaders as needed. Provide executive protection support for SoFi leadership during travel and public engagements as needed. Respond swiftly and effectively to threats against SoFi personnel or property, coordinating with law enforcement, when necessary. Lead investigations into physical security incidents, including threats, thefts, injuries, and financial crimes. Assist in conducting sensitive investigations as directed by the Head of Global Security & Investigations. Drive the strategic direction and execution of incident response planning. Maintain 24/7 on-call availability for security incidents, emergencies, and executive protection needs. Act as a liaison to local, state, and federal law enforcement on matters of physical security and financial crime. Act as a liaison to fire rescue and emergency response personnel. Lead internal and external audit support efforts (e.g., FED, OCC, Deloitte) for all physical security matters. Collaborate with cross-functional partners: Facilities, Network Operations, InfoSec, HR, Finance, IT, Risk, and Operations. Partner with Cybersecurity to secure cloud-based and on-premise physical security systems. Coordinate with property management and onsite security teams across all leased office locations. Lead company-wide security training programs: active shooter response, de-escalation, workplace violence prevention, and emergency preparedness. Support emergency preparedness by partnering with Site Leadership Teams on drills, disaster plans, and tabletop exercises. Identify, vet, and deploy emerging security technologies to enhance operational capability and situational awareness. Build and maintain relationships with key industry and intelligence groups (ASIS, SIA, CISA, DSAC, etc.) to proactively address evolving threats. Conduct Site Risk Assessments as necessary across the SoFi global real estate portfolio. Travel as needed to conduct executive protection and other essential duties. Required Qualifications Preferred Qualifications Bachelor’s degree in Criminal Justice, Security Management, or a related field. 5+ years of experience managing security operations within a corporate or global setting. Expertise in Security Systems; Lenel, Genetec, Ambient.ai, Ontic, Envoy, ExacqVision, Axis Certified Protection Professional (CPP), Physical Security Professional (PSP), and/or Associate Protection Professional (APP) designation is highly preferred. Experience with Learning Management Systems (LMS) or instructional content development. Intimate working knowledge of the Google Suite. Spanish language proficiency is strongly preferred. Prior service in the military, special operations, or federal law enforcement is highly valued. Compensation and Benefits The base pay range for this role is listed below. Final base pay offer will be determined based on individual factors such as the candidate’s experience, skills, and location. To view all of our comprehensive and competitive benefits, visit our Benefits at SoFi page! SoFi provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion (including religious dress and grooming practices), sex (including pregnancy, childbirth and related medical conditions, breastfeeding, and conditions related to breastfeeding), gender, gender identity, gender expression, national origin, ancestry, age (40 or over), physical or medical disability, medical condition, marital status, registered domestic partner status, sexual orientation, genetic information, military and/or veteran status, or any other basis prohibited by applicable state or federal law. The Company hires the best qualified candidate for the job, without regard to protected characteristics. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. New York applicants: Notice of Employee Rights SoFi is committed to an inclusive culture. As part of this commitment, SoFi offers reasonable accommodations to candidates with physical or mental disabilities. If you need accommodations to participate in the job application or interview process, please let your recruiter know or email accommodations@sofi.com. Due to insurance coverage issues, we are unable to accommodate remote work from Hawaii or Alaska at this time. Internal Employees If you are a current employee, do not apply here - please navigate to our Internal Job Board in Greenhouse to apply to our open roles.

• Set the security direction for programmes and projects, ensuring alignment with organisational standards • Define and own end-to-end security architecture and scope across global deployments • Embed secure design principle, patterns, and controls into engineering and DevOps workflows • Partner daily with technical teams to provide practical security guidance and unblock delivery challenges • Ensure solutions meet security requirements, with clear identification and management of risk and residual exposure • Support technical design reviews and coordinate assurance • Perform first line risk assessments • Conduct supplier security reviews and contribute to third-party contract security requirements • Develop mitigation strategies to strengthen overall cyber resilience • Maintain clear documentation and reporting across risk, assurance and compliance