We are at the forefront of change in this rapidly evolving lending market. mello™, the Greek word for “future,” was the product of a recent $80+ million dollar investment in research & development to transform & streamline the home buying process into a digital experience like no other competitor offers. But mello™ is just the beginning… loanDepot will continue to invest in developing our own advanced technology ecosystem built around serving our customers & enabling our valued employees to provide exceptional service. We have funding, we have opportunities, you have ideas—it’s a perfect match.
loanDepot — We are America’s Lender.
loanDepot, LLC is in search for an Engineer, Applications Security within our program. Reporting to the Director, Cybersecurity Architecture & Engineering, the successful candidate is required to implement the application security part of this strategic program consistently across the organization. This position will help define and validate the implementation of security controls on loanDepot systems and applications. The Applications Security Engineer will contribute to the implementation of new security standards and process with loanDepot’s web properties. You will include the appropriate security analysis, defenses and countermeasures at each phase of the software development lifecycle, resulting in a robust and reliable software. The candidate will have a strong work ethic focused on supporting process and necessary tools to support Secure SDLC in a fast-paced application development environment and technology operations.
- Integrating security tools, standards, and processes into the software development life cycle (SDLC)
- Ensuring that developers and QA personnel are trained with the appropriate level of security knowledge to perform their daily activities
- Improving and supporting application security tool deployments including static analysis and runtime testing tools
- Improving and maintaining secure development standards
- Supporting the incident response and architecture review processes whenever application security expertise is needed.
- Providing penetration testing services, including both expert consulting and managed services and standards gap analysis services to internal business and technology partners
- Managing application framework and perimeter security improvement projects
- Supporting Vendor Security activities to ensure 3rd-party software and development meets security standards
- Providing security requirements for test-driven design
- Producing metrics reporting the state of application security programs and performance of development teams against requirements.
- Troubleshoot and debug issues that arise
- Provide engineering designs for new software solutions to help mitigate security vulnerabilities.
- Contribute to all levels of the architecture
- Support an Application Security program working closely with the DevOps, application development and QA teams
- Maintain knowledge of new security trends and technologies
- Attend design and application architectural reviews to establish expertise and assimilate knowledge of the environment
- Performing testing of new and existing applications for security vulnerabilities
- Integrating security into development processes
- Participating security operations support and incident handling
- Evaluating and recommending new and emerging security products and technologies
- Background in web and/or mobile application security and penetration testing techniques
- BS in Computer Science or related field combined with 6-8 years of overall information security experience
- Mastery of programming language and development tools in the following technology stacks: Windows Development API's including C#, .NET architecture, WMI, Active Directory, XML, and Windows Server administration a plus
- A solid foundation in computer science, with strong competencies in data structures, design patterns, object-oriented programming, algorithms and software design
- Strong fundamentals of topics in Operating systems (e.g. virtual memory, IPC, processes, threads, kernel, scheduler, I/O, file systems
- Understanding of application threat modeling and SDLC security practices
- Excellent analytical skills with the ability to resolve technical issues as both an independent thinker and team member with a focus of action with results
- Ability and willingness to learn quickly new skills, flexibility to work in an agile and fluid environment
- Project management skills
- Good verbal and written communication skills
- Information Security Certifications such as CISSP, Security+, GIAC, CIH, CEH
- Competitive compensation reliant on ability & experience
- Excellent benefits package including multiple health, dental & vision options
- Company paid life and AD&D Insurance, as well as additional voluntary benefit possibilities
- 401K with robust company match
- 15+ PTO days, in addition to 8 paid company holidays
- The opportunity to work for America’s Lender under the vision of industry legend, Anthony Hsieh
loanDepot is a proud equal opportunity employer.