Application Security Engineer
Posted on: February 24, 2021
We are at the forefront of change in this rapidly evolving
lending market. mello---, the Greek word for future, was the
product of a recent $80+ million dollar investment in research &
development to transform & streamline the home buying process into
a digital experience like no other competitor offers. But mello---
is just the beginning--- loanDepot will continue to invest in
developing our own advanced technology ecosystem built around
serving our customers & enabling our valued employees to provide
exceptional service. We have funding, we have opportunities, you
have ideas-it's a perfect match. Come join us! loanDepot - We are
America's Lender. Position Summary: Responsible for delivering
senior level innovative, compelling, coherent software solutions
for our consumer, internal operations and value chain constituents
across a wide variety of enterprise applications through the
creation of discrete business services and their supporting
components. This position has an emphasis either on the front-end
or backend development focus depending on the placement of the role
and team. The job duties and requirements are defined for backend
and front-end separately. This position ensures the performance of
all duties in accordance with the company's policies and
procedures, all U.S. state and federal laws and regulations,
wherein the company operates. Responsibilities:
- Develops software: Designs and implements new technologies,
frameworks and platform improvements. Subject-matter expert for
application security, engaging, collaborating and advising on
application security and application security analytics practices,
standards, and methods.
- Estimates tasks: Estimates and delivers significant projects
and initiatives on schedule.
- Troubleshooting and problem solving: Expert debugging. Read
memory dumps, analyze log files for patterns. Very familiar with
common problems (memory leaks, deadlocks, etc.) Uses tools to
analyze code and look for problems, including Veracode and
- Project design & execution: Correctly reads and delivers
business and technical requirements. Looks for opportunities to
group capabilities into frameworks, suggests innovative solutions,
and leverages existing technologies. Balances elegant &
sophisticated against pragmatic. Strong attention to detail.
Sponsors initiatives and is a driver of requirements. Leads complex
and significant projects. Plans and manages scope, resources and
- Testing: Expert, builds happy-path and sad-path unit tests.
Builds tests which validate key capabilities or fragile code.
Builds automated functional and integration tests. Experienced with
Test Driven Development (TDD), Behavior Driven Development (BDD)
and other testing methodologies. Creates testing strategy.
- Document Solutions: Clearly documents solutions by following
established templates. Improves existing templates and creates new
templates as needed. Drives the strategic development of
documentation to improve efficiency and transparency.
- Governance: Completes all mandatory training and abides by all
policies, laws and guidelines. Champions new and improved policies
and procedures. Manages organizational change.
- Provide oversight and assurance for assessment of enterprise
applications, including web, cloud, and mobile applications to
deliver secure and robust solutions.
- Performs analysis of software code repositories, applications,
code designs, processes and implementation from a security
- Working with development and infrastructure members to identify
and resolve security issues in context of any potential
compensating controls (WAF, IPS, IDS, ML, AI, NBA, EUBA,
- Working with software developers to integrate application
security from group up for build and assurance processes.
- Prior experience with application software development life
cycle (SDLC) and Security Software development life cycle (SSDLC)
- DAST/SAST/WSA/API experience is critical to success in this
- Experience with vulnerability management, application security
concepts, best practices, and architectures for API, Microservices,
networking and data.
- Assess software architecture and in collaboration with security
architects, identify appropriate software constructs, methods, and
solutions to enable security delivery of application services.
- Experience in Waterfall, Agile, SCRUM, CI/CD and DevOps -
secure DevOps experience a plus.
- Experience working in an information security organization and
understanding of Governance, Risk, and Controls processes.
- Experience with browser security controls and practices.
- Mobile application platform experience a plus.
- Contributes to overall enterprise technical architecture and
implementation best practices.
- Informs efforts to develop and refine functional and
- B.S. in Computer Science or B.S. Software Engineering or B.A.
in Computer Information Systems or equivalent education or
- Minimum ten (10) + plus years of relevant technology job
- Experience in the Financial Services industry preferred. The
- Competitive compensation reliant on ability & experience
- Excellent benefits package including multiple health, dental &
- Company paid life and AD&D Insurance, as well as additional
voluntary benefit possibilities
- 401K with robust company match
- 15+ PTO days, in addition to 8 paid company holidays
- The opportunity to work for America's Lender under the vision
of industry legend, Anthony Hsieh We are an equal opportunity
employer and value diversity in our company. We do not discriminate
on the basis of race, religion, color, national origin, gender,
sexual orientation, age, marital status, veteran status, or
disability status.#LI-SS PM17
Keywords: loanDepot, Irvine , Application Security Engineer, Engineering , Irvine, California
Didn't find what you're looking for? Search again!