×
Register Here to Apply for Jobs or Post Jobs. X

Fraud Strategist - Ecosystem

Job in San Francisco, San Francisco County, California, 94118, USA
Listing for: Sofi
Full Time position
Listed on 2026-07-03
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security
Job Description & How to Apply Below
Employee Applicant Privacy Notice

Who we are:

Shape a brighter financial future with us.

Together with our members, we're changing the way people think about and interact with personal finance.

We're a next-generation financial services company and national bank using innovative, mobile-first technology to help our millions of members reach their goals. The industry is going through an unprecedented transformation, and we're at the forefront. We're proud to come to work every day knowing that what we do has a direct impact on people's lives, with our core values guiding us every step of the way.

Join us to invest in yourself, your career, and the financial world.

The Role:

We are searching for a Fraud Strategist, Ecosystem to own horizontal fraud strategy across the SoFi member journey. This is a sophisticated role for an operator who can reason across the entire product and user lifecycle as a single risk surface. You will design decisioning that travels with the member and recognizes perimeter threats and scam typologies as they cross product seams: onboarding, account creation, funding, money movement (ACH, Fed Now, Wire, Zelle, P2P), and high-value product activity.

The work requires fluency in device forensics, entity resolution, account takeover (ATO) defense, scam interception, and the rule-engine craft to translate that fluency into production policy. You will lead the cross-product signal layer that lets every product line see a member's full risk posture, and replace fixed dollar caps with risk-tiered frameworks that price velocity, recency, and counter party risk.

By joining SoFi, you'll become part of a forward-thinking company that is transforming financial services for the better. We offer the excitement of a rapidly growing startup with the stability of an industry leading leadership team.

What You'll Do:

The Fraud Strategist, Ecosystem will help SoFi build a unified cross-product fraud defense by:

* Owning fraud strategy across the full SoFi product surface, designing decisioning that uses signals from onboarding, login, money movement, and product activity together rather than in isolation.

* Leading cross-product perimeter defense covering ATO carryover from compromised credentials, scam interception (authorized push payment, romance, investment, impostor, business email compromise), mule-account detection, and synthetic-identity attacks at funding.

* Driving device forensics across product lines: shared device-graph infrastructure, emulator and VM detection, jailbreak and root signals, residential-proxy detection, and entity resolution that links a single bad actor across accounts that look clean in isolation.

* Designing risk-tiered money movement decisioning for ACH, Fed Now, Wire, Zelle, and P2P flows, replacing fixed dollar caps with dynamic frameworks priced on velocity, recency, counter party risk, and scam telemetry.

* Building the cross-product analytics layer in SQL and Python: shared feature tables, entity-resolution signals, and rule-level attribution that lets every product line see a member's full risk posture.

* Partnering with EPD, Fraud Ops, Info Sec, and product owners to ship strategy changes through the rules engine with clean governance, performance monitoring, and clear escalation when losses deviate from forecast.

What You'll Need:

* BA/BS in Statistics, Information Systems, Mathematics, Data Science, or related fields, or equivalent work experience, and 5-8 years of work experience in Fraud Analytics across multiple product lines.

* ATO and Scam Defense:
Demonstrated track record reducing account takeover and scam losses across more than one product line. Comfort with the scam taxonomy in detail: authorized push payment, romance, investment, impostor, remote access, business email compromise, and the shared signal between them.

* Perimeter Threat Fluency:
Operational understanding of how perimeter threats (credential stuffing, MFA bombing, SIM swap, mule-account farming, synthetic identity at funding, first-party intent fraud) manifest at each entry surface of a multi-product fintech.

* Device Forensics:
Hands-on experience with device fingerprinting, emulator and VM…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary