Software Security Engineer
We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it. The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.
On the Application Security team, we're focused on working with Relativity’s engineering teams to create solutions protecting our customer’s data. As part of the Application Security team, you will provide solutions, verify implementations and perform penetration tests.
You might like this role if you love:
- learning about new technologies and their secure implementation
- finding security vulnerabilities and helping team fix them
- thinking about problems and solving the root cause instead of just the current symptoms
- sharing your knowledge with others
- providing general guidelines for preventing commonly found vulnerabilities by defining and updating security requirements
- performing threat modeling on products, even if they don't fit a common pattern
- reliably estimating the likelihood of given threats when building a threat model
- conducting code reviews
- interacting with project teams to seek implementation and completion of security requirements
- documenting processes based on established guidelines
- identifying or writing exploit code for high complexity vulnerabilities such as remote code execution, memory corruption or SQL injection
- defining pen test plans through stories/tasks for moderately complex applications such as those deployed to Relativity platform (ADS app) or those involved in security critical workflows (e.g. authentication)
- experience in building threat models for web applications
- familiarity with common software vulnerabilities (e.g. OWASP Top 10) and their remediation
- deep interest in security architecture of applications and technologies (Web, Kubernetes, Network)
- ability to follow established processes
- ability to juggle several high visibility projects
- ability to read code in mainstream programming languages such as Python, C#, Java
- university degree or relevant experience