Software Security Engineer
We are Relativity. A market-leading, global tech company that equips legal professionals with a powerful platform to organize data, discover the truth, and act on it. The U.S. Department of Justice, 198 of top 200 U.S. law firms, and more than 70 Fortune 100 companies are among our customers who trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole self to our team atmosphere.
Join us in the transformation of the legal industry and play a pivotal role in shaping the future of the practice of law and beyond.
On the Application Security team, we're focused on working with Relativity’s engineering teams to create solutions protecting our customer’s data. As part of the Application Security team, you will provide solutions, verify implementations and perform penetration tests.
You might like this role if you love
· Finding security vulnerabilities and helping teams fix them
· Thinking about problems and solving the root cause instead of just the current symptoms
· Learning about new technologies and their secure implementation
· Sharing your knowledge with others
- You will identify vulnerabilities in web applications by pen testing application using Burp, reviewing code and comparing implementation against documented best practices and work with engineering teams to re-mediate them
- You will review C# and Java code, Chef recipes, Terraform scripts, SQL queries and others to identify potential vulnerabilities
- You will write applications using language of your choice to help write exploits or to assist in testing application
- You will identify components and their interconnections based on architecture diagrams
- You will identify problems and work with fellow team members to solve them
- You will review incoming requests for Application Security team to ensure it has appropriate technical information to provide response
- You will work closely with Chicago–based team members to solve problems
- You will perform other duties as assigned
- Deep interest in pen testing variety of applications and technologies (Web, Kubernetes, Network)
- Ability to read code in mainstream programming languages such as Python, C#, Java, etc.
- Familiarity with common software vulnerabilities (ex: OWASP Top 10) and their remediations
- Ability to follow established processes
- Ability to take feedback and correct behavior based on that
- College degree or relevant experience