We are at the forefront of change in this rapidly evolving lending market. mello™, the Greek word for “future,” was the product of a recent $80+ million dollar investment in research & development to transform & streamline the home buying process into a digital experience like no other competitor offers. But mello™ is just the beginning… loanDepot will continue to invest in developing our own advanced technology ecosystem built around serving our customers & enabling our valued employees to provide exceptional service. We have funding, we have opportunities, you have ideas—it’s a perfect match.
loanDepot — We are America’s Lender.
loanDepot, LLC is in search for an Security Engineer within our program. Reporting to the Director, Cybersecurity Operations, the successful candidate will have a strong work ethic, a general understanding of security protocols, and monitoring of enterprise wide threat and vulnerability management solutions for loanDepot Enterprise systems. The Security Engineer strives to enforce security best practices, policies, standards and guidance to ensure the safeguard of loanDepot’s proprietary data, infrastructure and resources from internal and external threats. The successful candidate is required to maintain a comprehensive understanding of services provided by loanDepot and develop relationships throughout the organization to assist Information Security in accomplishing its goals for the company. This includes identifying, triaging and responding to security breaches, as well as apparent attacks, and following established reporting protocols. The role requires a grasp of information security principles and practices.
- Configure resources to detect vulnerabilities to operating systems, applications, databases and the network infrastructure components. Detect, enumerate and classify major vulnerabilities, perform trend analysis and reporting for the Enterprise through the use of vulnerability assessment tools and methodologies.
- Evaluate the results from intrusion detection devices used for monitoring and reporting of network traffic for analysis of unwanted manipulation to systems, malicious network traffic, network attacks against vulnerable services, data driven attacks on applications, host based attacks or unauthorized access to sensitive data.
- Schedule and maintain security operations management of operating systems, security applications and network infrastructure components. Provide security configurations, controls for monitoring and centralized logging for network and server devices.
- Coordinate resources for auditing of applications, operating systems and networks to provide a measurable technical assessment that includes, performing security vulnerability scans, reviewing access controls and analysis to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance.
- Have the ability to formulate and interpret penetration test information results for the enterprise. Manage vulnerability detection, analysis and exploitation remediation to ensure confidentiality, integrity and availability of mission critical information assets.
- Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios outside of the routine change management process or production scope.
- Have experience with enforcement of information security policies and procedures. Familiarity with information security standards such as NIST, ISO, COBIT, and associated security controls.
- Must be self-directed with the ability to work independently to meet deadlines and produce quality work in a time-sensitive, fast-paced environment.
- Bachelor’s Degree in Information Technology, Mathematics, Business, Engineering or related fields with 3+ years of professional experience.
- Comprehensive understanding of Security Methodologies
- Experience with reverse engineering of malware
- Experience with TCPIP/UDP/ICMP
- Knowledge of the OSI Reference Model
- Windows / Linux / Unix operating systems
- Experience with networking components (routers, switches, load balancers, wireless access points, etc.)
- Knowledge of firewalls, proxies, mail servers and web servers
- Experience with operational support for operating systems, applications and networks
- Knowledge of client/server relationships
- Knowledge of relational databases and structured query language
- Experience with vulnerability assessments
- Experience with intrusion management and its components
- Understanding of encryption algorithms and ciphers (PKI/SSL)
- Knowledge of malicious code (worms, viruses, spyware, etc.)
- Experience with Virtual Private Networking
- Knowledge of multi-tier environments
- Experience with event and log correlation
- Effective team management, time management, and organizational skills
- Effective written and verbal communication skills
- Effective analytical and problem solving skills
- Proficient in Microsoft Office Suite products
- Security+, CISSP, GIAC, CRISC, CEH certifications preferred
- Competitive compensation reliant on ability & experience
- Excellent benefits package including multiple health, dental & vision options
- Company paid life and AD&D Insurance, as well as additional voluntary benefit possibilities
- 401K with robust company match
- 15+ PTO days, in addition to 8 paid company holidays
- The opportunity to work for America’s Lender under the vision of industry legend, Anthony Hsieh
loanDepot is a proud equal opportunity employer.