Lead Software Security Engineer - 20-0150
We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it. The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.
As a Lead Software Security Engineer you will lead a dedicated penetration testing team. Join the team as they test anything from web apps to ending infrastructure as code. Here you can get deep into powerful distributed systems built to analyze massive amounts of electronic data. Our security team is advanced, and you can help take our penetration testing to the next level!
This is within our app-sec team. In addition, if you are not local to the Chicago area, we are also considering this role for remote!
You might like this role if you love
- Breaking Software, Infrastructure and anything else in between
- Learning about new technologies and their secure implementation
- Finding security vulnerabilities and helping teams fix them
- Sharing your knowledge with others
- Iterate between leading Red and Purple style engagements
- Identify vulnerabilities in a variety of technologies (.NET, Java, C, C++, Kubernetes, Windows and Linux Infrastructure)
- Recognize, document, and report vulnerabilities and kill chains, describing remediation activities with the ability to effectively articulate and communicate the results in both technical and layman terms to the appropriate audience
- Share your knowledge with the Security department team members and Security Champions
- Have at least 5 years of experience performing manual penetration testing or 10 years experience developing Win 32/kernel development and 1-2 years of manual penetration testing
- Experience with Windows operating systems and security (boot process, subsystems, kernel-and user-level processes) and Linux
- Proficient with common attack tools (Immunity CANVAS, Burp, SET, Metasploit, Nmap, Nessus)
- Desire or experience building up fuzzing lab
- College degree or relevant industry experience