Employee Applicant Privacy Notice Who we are: Shape a brighter financial future with us. Together with our members, we’re changing the way people think about and interact with personal finance. We’re a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we’re at the forefront. We’re proud to come to work every day knowing that what we do has a direct impact on people’s lives, with our core values guiding us every step of the way. Join us to invest in yourself, your career, and the financial world. The Role: We are seeking a Cybersecurity Incident Commander to join SoFi’s Cyber Defense program and lead incident command efforts across the organization. This role will serve as a central driver for security incident response, ensuring effective management of day-to-day incidents as well as large-scale, high-impact cybersecurity events. The SOC team is responsible for monitoring, analyzing, and responding to security events across SoFi’s infrastructure and applications. As a dedicated incident response resource within Cyber Defense, you will coordinate cross-functional response efforts, maintain incident command structure during active events, and ensure consistent communication, documentation, and resolution tracking. This is a highly visible role that partners closely with SOC Analysts, Threat Research, Offensive Security, Tools Automation & Operations (TAO), Engineering, IT, Legal, Risk, Executive team, and other stakeholders to drive timely containment, eradication, and recovery. The ideal candidate thrives in fast-paced environments, brings structure to ambiguity, has exceptional communication skills, and can effectively drive complex incidents from detection through post-incident review. What You’ll Do: Serve as the primary Security Incident Commander for security incidents identified