Legal Staff Information Technology in Deland, FL

Law Firm

Deland, FL

Legal Staff Information Technology in Deland, FL

Legal Staff

3-5 yrs required

No

Senior Application Security Engineer: Join the Fight for Consumer Rights at Leading Law Firm in Florida

Salary: Competitive and based on experience

Experience: 3-5 years in a medium to large enterprise in a similar role

Location: Jacksonville, Orlando, or Tampa, Florida

Morgan & Morgan, a leading personal injury law firm, is looking for a Senior Application Security Engineer to join their Cybersecurity Team. With over 3,000 employees, Morgan & Morgan is dedicated to protecting consumers against insurance companies, large corporations, and defective goods. As part of their mission "For the People," they are seeking a motivated and curious individual to play a key role in securing their applications and APIs.

Responsibilities:

- Conduct threat modeling and risk analysis to identify exposure and develop mitigation plans
- Align security goals with business objectives by collaborating with DevOps, QA, and product teams
- Define and implement security standards and best practices for applications and APIs
- Work with development teams to ensure secure design patterns and practices
- Perform vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert, advising teams on emerging threats and secure coding techniques
- Conduct code reviews to identify vulnerabilities and recommend mitigations
- Create security integration into the SDLC process
- Establish metrics and reporting

Requirements:

- Working knowledge of current web and application security standards and best practices (OWASP Top 10, MITRE CWE Top 25)
- Deep experience securing applications and APIs on AWS, including services like EC2, Lambda, S3, and API Gateway
- Hands-on experience with modern API security, including REST and GraphQL APIs
- Recent experience with security testing tools (., SAST, DAST, IAST, and RASP)
- Proficiency securing applications and APIs on cloud platforms (., AWS, Azure, GCP)
- Excellent communication skills in conveying business risk from cybersecurity issues
- Successful experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs
- Demonstrable programming experience in Python, TypeScript, and C#
- Willingness to obtain one of the following certifications within six months of hire: AWS Certified Security – Specialty or AWS Certified Solutions Architect – Associate, OSCP, ISC CSSLP, EC-Council CEH Certified Ethical Hacker (Master level)
- Strong values of trust, dignity, integrity, and accountability
- Self-motivated, ambitious, and action-oriented

Benefits:

- Competitive salary based on experience
- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays

Equal Opportunity Statement:

Morgan & Morgan provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

E-Verify:

Morgan & Morgan participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the . If E-Verify cannot confirm your authorization to work, Morgan & Morgan will provide you with written instructions and an opportunity to contact the Department of Homeland Security (DHS) or Social Security Administration (SSA) to resolve the issue before any action is taken, including termination of employment. Please note that employers can only use E-Verify once a job offer has been accepted and the I-9 Form has been completed.

Privacy Policy:

To learn more about Morgan & Morgan's privacy policy, please visit the website for a link.

H1: Join the Fight for Consumer Rights as a Senior Application Security Engineer at Leading Law Firm in Florida
H2: Protecting Consumers and Winning the Fight: Senior Application Security Engineer at Morgan & Morgan

Key Points:
- Senior Application Security Engineer role at leading personal injury law firm, Morgan & Morgan
- Mission to protect consumers against insurance companies, large corporations, and defective goods
- Competitive salary based on experience
- Location options in Jacksonville, Orlando, or Tampa, Florida
- 3-5 years of experience in a similar role in a medium to large enterprise
- Responsibilities include threat modeling, risk analysis, aligning security goals with business objectives, defining and implementing security standards, collaborating with development teams, conducting vulnerability assessments and penetration testing, and more
- Requirements include knowledge of current web and application security standards, deep experience securing applications and APIs on AWS, proficiency with modern API security, recent experience with security testing tools, and more
- Benefits package includes medical and dental insurance, 401(k) plan, paid time off, and holidays
- Equal opportunity employer that prohibits discrimination and harassment of any type
- Participation in E-Verify to confirm authorization to work in the .
- Privacy policy available on the website
- Strong values of trust, dignity, integrity, and accountability expected in successful candidate