Associate Application Security Engineer

LendingClub (NYSE: LC) opened in 2007 with one simple mission: create a more efficient, transparent and customer-friendly alternative to the traditional banking system that offers creditworthy borrowers lower interest rates and investors better returns. Today, we're the world's largest online credit marketplace, and we're radically changing the way lending operates. We're proud of the recognition we've received, including being named a World Economic Forum Technology Pioneer, a CNBC Disruptor 50, and one of The World's 10 Most Innovative Companies in Finance by Fast Company. We're conveniently located in downtown San Francisco, California.

About the Team

The Application Security Team plays a key role in protecting all software developed at Lending Club. This core team of application security engineers works closely with and in support of a large team of security focused software engineers all of which work to ensure Lending Club builds and maintains secure software for its customers and partners. As an Application Security Engineer, you will focus on finding and fixing vulnerabilities, promoting good security practices, and solving classes of security problems through engineering solutions, for both front and back end software. In addition, this team integrates tooling and automation, expert review and training throughout the Software Development Lifecycle (SDLC) to ensure security is prioritized at each step to identify potential vulnerabilities and design flaws.

The ideal individual is someone relatively new in their career or looking to jump start a career in Information Security, with a focus on Application Security. The key distinction will be your unparalleled ability to learn about information security. You background could be a blend of application development experience and information security experience. While leading critical operational tasks as part of Application Security, you can learn to support existing and new security solutions—for example automated vulnerability identification, risk intelligence and software development lifecycle touchpoints. Lending Club is an Agile, tech company, and Application Security will work without constraints to both address risk and enable innovation.

The Associate Application Security Engineer reports to the Application Security Director and partners with the broader Information Security Program within the Technology organization of Lending Club.

Responsibilities

  • Run the LendingClub Security Champ program through coordination, scheduling and consulting on security activities within a network of dedicated security oriented engineers.
  • Continuously evangelize security within the organization through awareness proliferation activities such as onboarding training and ongoing training.
  • Learn the Lending Club software stack to understand points of weakness and opportunities for application security solutions.
  • Learn to maintain application security tools and services to ensure quality within Lending Club's SDLC.
  • Collaborate with internal partners on addressing individual and systemic application security vulnerabilities.
  • Assist with management of a Responsible Disclosure Program and Bug Bounty Program.
  • Participate in security reviews to ensure timely evaluation per risk based approaches (we will help you grow in this area).
  • Maintain an active membership and participation in the greater AppSec community.

Qualifications

  • 1+ years software engineering experience (Java focus).
  • 1+ years in the field of software security.
  • Great project management skills.
  • Superb communication skills.
  • Passion about Information Security.
  • Knowledge of browser security controls (CSP, XFO, HSTS, etc.),
  • Experience with OWASP Top 10 and SANS Top 25.
  • Strong ethics and understanding of ethics in information security.
  • B.S. Computer Science or similar combination of education and experience.

Bonus

  • Experience using JIRA.
  • Experience running programs and social communities.
  • Certifications like CEH, SANS certifications, Offensive Security certifications (OSCE, OSWE, etc.)

Why Join Us?

We offer all the important stuff like competitive salaries, equity, 100% paid medical and dental, and because we've been around longer we also have stuff like great food, game rooms, a super convenient location in downtown SF and a 401K match. More importantly, we're the clear market leader, which gives us awesome momentum. As Forbes put it, "While not often thought of as a "sharing economy" company, given the massive size of the financial industry Lending Club could end up being one of the most disruptive–and largest–companies in this sector." We think one of our own employees put it best: "Many companies talk about reshaping an industry, but Lending Club is one of the few that is actually achieving this lofty goal. Growth comes in monthly leaps that just seem to keep accelerating, leading to ever-larger opportunities. There is an intriguing focus on how to get more efficient and do bigger things. Working here is definitely a chance to be a part of something special."

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-MF1


See Inside the Office of LendingClub

Lending Club (NYSE: LC) is the world’s largest online credit marketplace, connecting borrowers and investors. Lending Club uses technology to lower costs, passing the savings on to borrowers in the form of lower rates—and to investors in the form of solid returns. The market leader by a wide margin, Lending Club has helped more than a million Americans achieve their financial goals to date.


Back to top