Lead Risk Reduction Engineer
- Implement and direct processes across the vulnerability management lifecycle, including Discovery, Prioritization of Assets, Vulnerability Assessment, Reporting, Remediation, and Verification.
- Act as a technical lead within a rapidly growing cyber security group and develop team objectives to resolve outstanding risk and identify new areas of exposure.
- Assist in validating and remediating critical findings resulting from audit processes.
- Utilize industry-standard toolsets to map and reduce the attack surface of a complex and dynamic architecture.
- Collaborate with Threat Intelligence groups to overlay observations from the global threat landscape with patching and remediation strategy.
- Review opportunities to reduce the risk surface of Relativity, ensuring a highly secure target for adversary actors.
- Develop scripts, tools, and methodologies to identify and exploit points of exposure on internal and perimeter applications (penetration testing).
- Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.
- Possess a high degree of proficiency in the following domains: debugging, exploit development, reverse engineering, port scanning, client-side attacks, and evasion techniques.
- Experience with vulnerability management and offensive security tools, including Nessus, Splunk, Burp Suite, and Metasploit.
- Able to contribute to security architecture discussions to ensure exposure to threats is minimized and countermeasures can be proactively applied.
- Familiarity with the security, attack surface, and threat profile of SaaS-based applications.
- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel.
- Ability to identify adversary tactics, techniques, and procedures (TTPs), targeting, malware development and implementation.
- One of more of the following certifications: OSCP, CEH, or GPEN
- Detailed understanding of the vulnerability management lifecycle, and how this is applied in a corporate setting.
- Expertise in networking, cryptography, and security concepts.
- Capacity to provide both high-level and technical briefings on emerging threats and vulnerabilities, collaborating with extended Cyber teams to assess risk.
- Experience performing forensic analysis on network traffic to identify anomalies and attacks.
- Ability to work collaboratively and independently to deliver projects based on high-level requirements and success criteria.
- 4+ years of experience as a Risk Reduction Engineer or similar role.
About RelativityRelativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years. If you’re ready to grow with us, we’d love to hear from you. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
How We #ActOnIt
Connect With Us
Not ready to apply? Connect with us for general consideration.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.