Advanced Software Security Engineer - SecOps
We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it. The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.
As an Advanced Software Security Engineer you will build software, automate systems, and build tools to better protect Relativity. Your software will ensure the rest of our security team has the tools they need to succeed.
The Security Operations (Sec-Ops) Team:
Join the Security Operations team where we build software reducing risk to protect our product, customers and our people. You will join a team that builds automation software from the ground up, configure and employ the infrastructure needed to automate while continuously learning new tools. We use C# primarily working with both Windows and Linux. In addition, we employ other tools like Chef, PowerShell and Bash.
If you are interested in automation, building software from the ground up, and protection through secure development, we would love to hear from you!
You might like this role if you love:
- Finding security vulnerabilities and helping teams fix them
- Developing tools that make others more efficient
- Thinking about problems and solving the root cause instead of just the current symptoms
- Implementing detection or prevention for entire classes of vulnerabilities
- Rolling out security automation for use by hundreds of developers
- You will build and operate highly-available infrastructure and software in Azure
- You will plan and implement the rollout of security tools. This includes testing, supporting, disaster recovery planning, and roll-back planning
- You will deploy, test, maintain, and tune tools such as SAST, DAST, etc.
- You will document software vulnerabilities and working with engineering teams to remediate them
- An interest in security
- Ability to read code in mainstream programming languages such as Python, C#, Java, etc.
- Familiarity with common software vulnerabilities (ex: OWASP Top 10) and their remediations is a significant plus
- Experience with compliance and risk management (e.g., ISO27001, FedRAMP etc.) is a significant plus
- Ability to program in a modern scripting language
- Experience with using and automating some of the following: static analysis tools, dynamic analysis tools, vulnerability scanning Jenkins, endpoint monitoring software, or monitoring containers is a plus
- Experience developing web services APIs is a plus
- An interest in security