Blend helps lenders maximize their digital agility. Our digital lending platform is used by Wells Fargo, U.S. Bank, and other leading financial institutions to increase customer acquisition, improve productivity, and accelerate the delivery of any banking product across every channel. We process more than $3.5 billion in mortgages and consumer loans daily, helping millions of consumers get into homes and gain access to the capital they need to lead better lives.
As a Security Analyst Intern, you’ll work with all major functions of the Security team at Blend. This means that you’ll have the opportunity to get a feel for Security Operations, Policy, and Engineering through a selection of targeted mini-projects in each area. Your work at Blend will reach across all aspects of the company, from assessing the risks associated with expanding our products, to advising product and engineering on secure systems design, and even responding to live security incidents.
Your work will enable the company to continue pushing into new parts of the consumer lending industry while making sure that we keep highly sensitive financial information safe. Securing a company means that you’ll need to understand the context of the entire organization, from strategic business drivers to technical engineering challenges. There’s a lot to learn, and we’ll give you the opportunity to pick up skills quickly by working on real projects that will help Blend move forward right now. If you are passionate about building systems that protect sensitive financial information and preserve consumer privacy, we want to hear from you!
This is a 12 week summer internship.
How you'll contribute:
- Identify gaps in third-party security programs that could lead to risk for Blend
- Test the effectiveness of security controls and processes, working with a variety of cross-functional teams along the way
- Build automated responses to alarms and events triggered within our Security Operations Center
- Run scans and tests against our web applications, and determine the severity of your findings and how they could impact the company
- Shadow the team during secure design office hours, on-call engineering rotations, and calls with security teams at the largest banks in the world
Who you are:
- Proven understanding of information security fundamentals, and curiosity to learn more
- Demonstrated ability to listen and ask thoughtful questions that help surface risks
- An aptitude for working with cloud-based technology and tools (AWS, GitHub, etc.)
- Expected graduation date of Summer 2022
- Understanding of cloud security policy and control frameworks (ISO 27001, SOC 2, PCI-DSS, NIST)
- Proficiency in a programming language (we use Typescript, Golang, and Python)
- Working knowledge of Unix computing tools and data querying languages (Linux commands, SQL)