Sr. Information Security Analyst

Who We Are

We're America's largest mortgage lender, closing loans in all 50 states. J.D. Power ranked Quicken Loans "Highest in Customer Satisfaction in Primary Mortgage Origination" for the past nine consecutive years, 2010 - 2018. The company was also ranked highest in the nation for client satisfaction among mortgage servicers by J.D. Power for five consecutive years, 2014 through 2018, each year the company was eligible. There's a simple reason we've been so successful: We care about the people we work with.

If you're tired of stuffy, bureaucratic workplaces, then you'll be delighted to find something different here. We strive to make a creative, fun and collaborative environment you simply won't find anywhere else. Quicken Loans was named #1 in ESSENCE Magazine's first ever list of "Best Places to Work for African Americans" in 2015. We've been on Computerworld's "Best Places to Work in IT" list for 13 years running, hitting #1 the last five years. We were also ranked #14 in FORTUNE Magazine's list of "100 Best Companies to Work For" in 2018, remaining in the top-30 for the past 15 years.

Job Summary

The Information Security Analyst is a rock star who plays a critical role in defending the enterprise from the bad guys and is in the trenches every day ensuring our security controls are working properly. After all, if no one checks and monitors our controls, how do we know if they're working? The analyst role is also responsible for ensuring that the handling of sensitive company and client information follows our company and industry standards. Additionally, this role works hand-in-hand with the Information Security Engineers to ensure our security technologies are producing necessary and relevant information.


  • Daily monitoring of security events, performing investigations, and working with the appropriate team members, business teams, and IT teams to develop solutions that address critical security concerns
  • Regular audit of access throughout systems/applications, working with IT and business teams to ensure access is at appropriate levels.
  • Analyze system and other event logs to detect nefarious activity
  • Coordinate investigation and response of security incidents
  • Audit many of our company's security controls to ensure they are working correctly
  • Build documentation of existing processes and exceptions based on audit findings
  • Coordinate with information security and other IT engineers to ensure existing or new sources of audit data
  • Work with the business to optimize/automate security-based processes
  • Review and assessment of third-party vendors
  • Coordinate periodic testing of information security-specific processes such as incident response plan
  • Contribute to vision of information security tools and processes with an eye toward the future
  • Translation of existing controls and concepts into audits to determine control effectiveness
  • Mentorship of more junior information security team members
  • Assist in light leadership duties as needed
  • Other duties as required

  • 5 years of experience in an information security analyst role
  • Has a passion for areas of information security / information assurance
  • Able to maintain strict confidentiality
  • Great writing, organization, interpersonal and communication skills
  • Prioritize multiple tasks effectively
  • Analytical thinker with a high sense of urgency
  • Comfortable doing repetitive tasks (audits) where required
  • Embraces constant change
  • "Options, Not Obstacles" mentality
  • Thorough and detail-orientated
  • Ability to look at all situations objectively, Loves to challenge assumptions
  • Can work independently without supervision
  • Embrace a fast-paced start-up style environment
  • Strong knowledge in the inner secrets and magic spells of Microsoft Excel

What'll Make You Special
  • Operating systems (Windows, Mac, Linux/Unix, Mobile)
  • Network theory/design
  • Penetration testing
  • Endpoint security monitoring
  • Coding/Scripting
  • Malware - reverse engineering
  • Familiarity with InfoSec authoritative sources (NIST, OWASP, etc.)
  • Enterprise risk methodologies
  • Knowledge of Mortgage/Financial industry
  • GIAC or other security certifications

Back to top