Lending Club is looking for a Sr. Threat Response Engineer to assist in detecting and responding to external and internal threats. This senior position will be key in driving best practices and growing the knowledge base of the Threat Response Team. This is an exciting opportunity for the right individual to play a critical role in defining the threat landscape and the detection and response capabilities necessary to contain it. The role will be responsible for ensuring that day-to-day security incidents are investigated, contained and remediated in a timely manner.
As this role is critical to Lending Club’s overall security strategy, the candidate should have a strong background in incident response and the respective tools of the trade. We are looking for people who have extensive knowledge of SIEM event analysis and correlation to increase the accuracy and actionability of alerts. The candidate will have worked with or for a Security Operations Center and be familiar with IR best practices at the enterprise level.
The candidate should have technical proficiency across multiple technologies: TCP/IP, HIDS, NIDS, *nix, Windows, etc. They will also have experience writing scripts to automate alerts, data enrichment and response orchestration. The role requires excellent verbal and written communication skills. The candidate should feel comfortable presenting to all levels of the business.
The Sr. Threat Response Engineer will report directly to the Director of Threat Intelligence and Response Engineering and be responsible for driving incident response policies, procedures, and technologies.
What You'll Do
• Become an expert in the Lending Club technology stack to understand points of weakness and opportunities for security solutions
• Design / Build internal tools for InfoSec and Fraud analytics and automation pipelines
• Create and tune models / SIEM alerts for automated response orchestration
• Review security events to determine impact to Lending Club
• Collaborate with internal stakeholders on addressing systemic security issues
• Construct and analyze trends of events and incidents to assist in minimizing Lending Club’s security risk
• Review asset, application, host, server, and security logs for anomalous behavior
• Determine nature and scale of threats and provide recommended containment actions
• Take escalations from Security Operations and treat appropriately
Highly determined and self-motivated individual who loves learning new things.
3+ years specifically in Software Development (with a security emphasis).
Proficient in working with Splunk or other SIEM.
Code development experience in Python (ideally geared towards infrastructure automation and / or data analysis).
Experience across cloud (AWS) and data center environments.
Experience automating IR processes and security event enrichment.
Deep understanding of technology and security requirements for complex systems across cloud (AWS) and data center environments.
Comfortable dealing with ambiguity and conflicting priorities.
Strong ethics and understanding of ethics in information security.
Excellent project management skills.
Excellent communication skills in English.
B.S. Computer Science or similar combination of education and experience.
Experience building tools and/or processes to reliably identify security issues such as access violations, malware, data exfiltration, etc.
LendingClub is an equal opportunity employer and dedicated to diversity and inclusion in the workplace. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender identity, sexual orientation, age, marital status, pregnancy status, veteran status, or disability status. We believe that a variety of perspectives will make our teams and business stronger as we work together to transform the traditional banking system.