Vulnerability Management Engineer

  • Location: Chicago
  • Department: Security
  • Work Status: Full-time

Overview

We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it.  The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
 
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
 
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.

Relativity is looking for a Vulnerability Management Engineer to join a fast-paced and dynamic Cyber Security team. You will help us better organize, prioritize, remediate and report on our vulnerabilities.

Responsibilities

  • You will implement and direct processes across the vulnerability management lifecycle, including Discovery, Prioritization of Assets, Vulnerability Assessment, Reporting, Remediation, and Verification.
  • You will assist with developing team objectives to resolve risk and identify new areas of exposure.
  • You will validate and help remediate critical findings resulting from audit processes.
  • You will collaborate with Threat Intelligence groups to overlay observations from the global threat landscape with patching and remediation strategy.
  • You will review opportunities to reduce the risk surface of Relativity
  • You will build scripts, tools, and methodologies to conduct penetration testing.
  • You will research emerging threats and apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of exploits. 

Qualifications

  • Exposure in the following domains: port scanning, client-side and back-end vulnerabilities, and evasion techniques.
  • Experience with vulnerability management and offensive security tools, including SecurityCenter/Nessus, Splunk, Burp Suite, and Metasploit.
  • Familiarity with the security, common flaws, and threat profile of SaaS-based applications.
  • Ability to identify adversary tactics, techniques, and procedures (TTPs), targeting, malware development and implementation.
  • One or more of the following certifications: OSCP, CEH, GPEN, CISSP is a plus
  • Capacity to provide both high-level and technical briefings on vulnerabilities
  • 1-3 years experience in vulnerability management, security engineering, or a related discipline or equivalent experience

  • #LI-SN1

About Relativity

At Relativity, we live our core values and we thrive on solving complex problems. We’re dedicated to continually improving our product and providing relentless customer service. We seek professionals that will bring their authentic and unique experiences to our teams.   We understand career choices are a big decision, and we thank you for considering Relativity.   All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

How We #ActOnIt