Bank of America has flagged the Application Security Engineering Lead job as unavailable. Let’s keep looking.

Credit Karma is a mission-driven company, focused on championing financial progress for our more than 100 million members in the U.S., Canada and U.K. While we're best known for pioneering free credit scores, our members turn to us for tips as they work on their financial goals, including helping them monitor their credit, identity monitoring, searching for credit cards, shopping for loans (car, home and personal), and growing their savings* -- all for free. Credit Karma has grown significantly through the years: we've added more than 70 million members in the last five years alone and now have more than 1,100 employees across our offices in Oakland, Charlotte, Los Angeles and London. 

  • Banking services provided by MVB Bank, Inc., Member FDIC

Security is a core value at Credit Karma. We help millions of people better manage their credit. Safeguarding their sensitive information is critical to our continued success. From the CEO down to each individual engineer, everyone views security as a personal responsibility. Your unique mission as a Security Engineering Manager on our DFIR team is to mine a deep data set of security event information for useful signals and feed the results into automated actions and infrastructure changes.

What You’ll Do:

  • Manage a team of 3-5 security engineers
  • Lead, mentor, and serve as an escalation point for security analysts in Credit Karma's DFIR team.
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats.
  • Prepare incident reports for a mixed technical and non-technical audiences.
  • Leverage Splunk, including Enterprise Security, to craft tests for security hypotheses against Credit Karma’s unique production and corporate environments.
  • Engage with partners in engineering, IT, and operations to respond to and remediate events.
  • Research, extraction, and dissemination of open source intelligence (OSINT) on threat actors targeting the financial industry
  • Maintain operational reports for Key Performance Indicators as well as weekly and monthly metrics
  • Apply broad security industry, technology, business and professional knowledge to contribute to policy-making and process design.
  • Conduct quality assurance reviews of analysts case work, as well guiding and aiding in training and development opportunities for the analysts
  • Initiate automation, where possible, to effectively triage and address security alerts

What’s Great About It:

  • Carrying out two positive missions at the same time: helping people take back control of their credit and helping to keep their personal information safe.
  • Solving frontier security problems at scale in a highly technology-focused team.
  • Spending zero minutes convincing anyone why security is important - we all understand that very well already!

What We Expect:

  • 10+ years of incident detection and response experience
  • Real-world experience responding to complex security incidents including keeping executives updated during the incident
  • Expert level experience with one or more of the following:
  • Host-based detection using tools like commercial EDRs and/or open source tools
  • Network-based forensics and/or Network security monitoring (NSM)

Equal Employment Opportunity:

Credit Karma is proud to be an Equal Employment Opportunity Employer. We welcome all candidates without regard to race, color, religion, age, marital status, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity or gender expression, national origin, veteran or military status, disability (physical or mental), genetic information or other protected characteristic. We prohibit discrimination of any kind and operate in compliance with applicable fair chance laws. 

Credit Karma is also committed to a diverse and inclusive work environment because it is the right thing to do. We believe that such an environment advances long-term professional growth, creates a robust business, and supports our mission of championing financial progress for everyone. We offer generous benefits and perks with a single eye to nourishing an inclusive environment that recognizes the contributions of all and fosters diversity by supporting our internal Employee Resource Groups. We’ve worked hard to build an intensely collaborative and creative environment, a diverse and inclusive employee culture, and the opportunity for professional growth. As part of the Credit Karma team, your voice will be heard, your contributions will matter, and your unique background and experiences will be celebrated.

COVID-19 update (US Jobs Only):

Credit Karma believes that vaccines are one of the most powerful tools to fight COVID-19 and save lives. We also believe that in order to work toward our mission of helping people make financial progress, people first and foremost need their health. All employees are required to be fully vaccinated against COVID-19 prior to their start date unless otherwise approved for an exception as may be required by law.

Privacy Policies:

Credit Karma is strongly committed to protecting personal data. Please take a look below to review our privacy policies:

  • GDPR Privacy Policy
  • California Consumer Privacy Act (CCPA)
Read Full Description
Confirmed 5 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles