Advanced Cloud Security Engineer (remote)
We are Relativity. A market-leading, global tech company that equips legal and compliance professionals with a powerful platform to organize data, discover the truth, and act on it. The US Department of Justice, 199 of the Am Law 200, and more than 329,000 enabled users trust Relativity during litigation, internal investigations, and compliance projects.
Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole, authentic self to our team.
We believe that great talent is not bound by geography and that what you do matters more than where you do it. Relativity has assumed a hybrid work strategy, allowing choice and flexibility for employees to work either from home, a physical Relativity office location (once safe to do so), or a combination of the two, within certain logistical boundaries. Submit your application to learn more from our recruiters or contact us for more details.
If you're interested in learning more about our benefits, click here.
As an Advanced Cloud Security Engineer at Relativity you will leverage your software development skills to design, build, and maintain software solutions that enable our teams to interact with cloud resources and our cloud-based SaaS software, RelativityOne.
This is an opportunity to work in a security department focused on SecDevOps to secure a dynamic web system built on top of different technologies such as containers and native cloud applications.
To ensure a secure by default state you will:
Create tools providing actionable security data within RelativityOne.
Enable Relativity developers to make informed security decisions by building security guardrails.
Build and maintain applications that govern our identity and access management in our cloud platform, SaaS product, and backend infrastructure.
The Cloud Security Team
- Cloud Security provides best in class cloud governance and performs Identity and Access Management (IAM) for our cloud environment and tooling. This team gets to work on applications and services that support our cloud provider plane, backend infrastructure, and the RelativityOne application frontend. We tackle some of the most complex and rewarding problems in security today: how to secure a cloud based web application while also making it easy for engineers to do their work and how to enforce and maintain IAM across multiple Active Directories, tools, and application planes.
- You enjoy empowering others to make intelligent decisions about the secure state of their applications.
- You enjoy building tools and applications to deliver secure software in a SaaS environment
- You enjoy working in a modern cloud environment.
- You enjoy solving and making complicated problems as simple as possible.
- You enjoy breaking and fixing software.
- You enjoy making your software easy to use.
- You enjoy learning about cloud technologies and how to secure them.
Why you would enjoy this job:
- Design & build security products to establish best in class cloud security.
- Learn and internalize software development best practices.
- Implement automation for cloud governance and operational work.
- Partner with other cross functional teams and provide guidance on a SecDevOps approach to securing our cloud operations.
- Build IAM tooling and services to ensure that the principle of least privilege and role-based access controls are maintained.
- Drive security improvements to our cloud environment by analyzing the environment against CIS controls, audit requirements, vulnerability scans, penetration tests and threat intelligence.
- Support the Incident Response process as a cloud Subject Matter Expert(SME).
- Onboard junior developers.
- 3+ years software development experience on commercial-grade systems and applications.
- Previous experience working in .NET software development.
- Experience with Azure or other cloud platforms (GCP, AWS).
- Experience working with CI/CD is a significant plus.
- Understanding of SecDevOps principals.
- Professional software development experience as full stack developer, experience in programming languages such as C#, Python, or Java.
- Familiarity with common software vulnerabilities (ex: OWASP Top 10) and their remediation.
- Familiarity with common Identity and Access Management principles such as Least Privilege.