OnePay is a consumer financial services app with an exceedingly simple mission: to help people achieve financial progress.
Tens of millions of Americans today are unbanked or underbanked, meaning they don’t have enough money in savings to cover a minor emergency. They pay too much in fees, don’t have access to credit at affordable rates, and have little ability to grow their wealth. OnePay’s vision is to create a single app for consumers to save, spend, borrow, and grow their money, bringing our mission to life with simple and accessible banking, credit, and payments products that deliver a best-in-class experience to millions of customers. Our products include:
Checking and high-yield savings accounts
Domestic and international peer-to-peer payments
Credit Builder and credit score monitoring
Digital wallet / contactless payment solutions
Buy-now-pay-later installment loans at Walmart
Why do we have a right to win? We have the backing of Walmart (a Fortune 1) and Ribbit Capital (a preeminent fintech investor), are deeply embedded with the distribution of the world’s largest omnichannel retailer, and have an industry-leading multi-product value proposition — all in addition to having some of the best people and talent in the industry.
There’s never been a better time to build a category-defining business and there has rarely been a team better positioned for the opportunity. Join us!
The RoleAs our GRC Engineer in Risk and Assurance at OnePay, you will support the Security team with a focus on third-party risk management (TPRM), while also contributing to vulnerability and patch management, reviewing cloud security findings, data governance and privacy, and audit support. It’s a hybrid security role for someone eager to wear multiple security-related hats and grow alongside a seasoned team! You will:
Drive and support the third-party risk management (TPRM) process
Collaborate on vendor assessments and contract reviews tied to business deals
Assist with vulnerability and patch management operations and process implementation
Support the review of cloud security findings and remediation workflows
Assist in the implementation of new systems and applications from a security perspective
Help build the data governance and privacy program in conjunction with legal and business stakeholders
Contribute to security compliance activities and internal & external audits
6+ years of experience in security governance, cloud and application security assessments, risk management, and/or third party risk.
Strong knowledge of various industry standard frameworks such as NIST, FFIEC, SOC 2, PCI DSS, HiTrust, etc.
Thorough knowledge of enterprise-scale security architecture, cloud security, and application security best practices.
Domain knowledge of multiple disciplines including IT systems, networking, security, and compliance.
Familiarity with containerization technologies (e.g., Docker, Kubernetes) and CI/CD pipelines.
Excellent written and verbal communication skills, with the ability to convey technical concepts to both technical and non-technical audiences.
Strong analytical and problem-solving skills with the ability to work independently and as part of a team.
Relevant certifications such as AWS Certified Security Specialty, Certified Information Systems Security Professional (CISSP), or Certified Cloud Security Professional (CCSP) are a plus.
Competitive base salary, stock options, and health benefits from Day 1
401(k) plan with company match
Remote-friendly (US), flexible time off (FTO), and opportunities for growth
A high-growth, mission-driven, inclusive culture where your work has real impact
Initial Interview with Talent Partner
Technical or Hiring Manager Interview
Team Interview
Executive Interview
Offer!
To build technology and products that are used and loved by people and solve real-world problems, we need to build a team with many different perspectives and experiences. We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We encourage candidates from all backgrounds to apply. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us at [email protected].
OnePay Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about OnePay and has not been reviewed or approved by OnePay.
-
Fair & Transparent Compensation — Pay is considered competitive and has shown recent improvement, aligning with market-level ranges cited for several roles. Feedback suggests overall pay is solid relative to comparable fintech employers.
-
Healthcare Strength — Health benefits from Day 1 and descriptions of “Cadillac” plans indicate strong medical coverage. Feedback suggests immediate eligibility and plan quality form a robust healthcare baseline.
-
Leave & Time Off Breadth — Flexible PTO/sick time and generous parental leave are highlighted as part of the core package. Feedback suggests time-off breadth supports work-life balance in a remote-first context.
OnePay Insights
Similar Jobs
What We Do
We're on a mission to help people achieve financial progress. We're seeking team members who are hungry, humble, and honest to help us build simple solutions for people to save, spend, and grow their money — all in one place. Here you’ll have the opportunity to challenge the status quo with proven leaders in fintech, banking, consumer products, and tech. One is backed by Walmart and Ribbit Capital. Learn more about us at www.one.app. Follow for the latest news and updates on employee life. One card is issued by Coastal Community Bank pursuant to licensing by Mastercard® International.
