LendingTree is continuing to grow its Information Security team with the addition of Information Security Engineer. These positions will perform a variety of security related tasks such as, but not limited to, the handling of tickets, performing security assessment and working with end users and internal customers if security issues are reported.
Successful candidates will be exposed to a wide array of security tools, systems, methodologies and mentorship that will rapidly escalate technical understanding and ability in the Information Security field.
Enhance LendingTree’s Information Security Program under the direction of the senior InfoSec team members
Provides hands-on information security technical consulting to the business users
Evaluates security exploit reports, and other information security notices issued by information system vendors, government agencies, researchers to provide security recommendations to the application/business owners
Provide security-based risk assessments of business and technology projects and initiatives
Interact with third party partners in the process of due diligence and audits through questionnaires as well as on site audits
Apply security best-practices and principles to network protocols, architectures, equipment, services, standards and technologies
Monitor information security systems for vulnerabilities, potential security incidents, and system error conditions and follow up or remediate issues
Stay up-to-date on information technology trends and security standards
- 5+ yrs. experience in IT with 3+ yrs. in Enterprise Information Security/Risk Assessments
- Deep passion for information security and the desire to constantly learn and grow in the field
- Good understanding of industry standard security monitoring systems and security tools and ability to monitor and analyze alerts to identify security issues and escalate for remediation
- Self-motivated and able to work well with minimal supervision or in a team environment; consult with team members and management as needed
- Ability to perform analysis of data, processes, policies, procedures and/or systems; produce unambiguous, comprehensive and accurate interpretations
- Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and frameworks (e.g., NIST, ISO 27002 etc.)
Expert level experience at least of some of the following areas is must
- Penetration testing
- IAM – Identity and Access ManagementCloud computing environment such as Google Cloud, AWS, Azure etc.
- Vulnerability scanning
- Third Party Risk Assessment
- SIEM Management
- We’re making a real difference in the financial lives of consumers. The work you’ll do here matters.
- Information Security isn’t the only area that rocks, everyone at LendingTree does.
- Unique entrepreneurial environment filled with flip-flops, t-shirts and people that take their job seriously. We’re a start-up company in publicly traded suit. We have a lot of fun and can afford the grown-up toys.
LendingTree is the kind of company that not only promotes diversity and inclusion; we thrive because of these values. We do not discriminate based on race, color, religion (or creed), gender, gender expression, age, national origin, disability, marital status, sexual orientation or military status.