Legal Staff Information Technology in Big Pine Key, FL

Law Firm

Big Pine Key, FL

Legal Staff Information Technology in Big Pine Key, FL

Legal Staff

3-5 yrs required

No

H1: Senior Application Security Engineer at Law Firm in Florida
H2: Join Our Cybersecurity Team and Protect Consumer Rights

At Morgan & Morgan, our work makes a difference for millions of Americans. As a leading personal injury law firm, we are the last line of defense against insurance companies, large corporations, and defective goods. Our team of over 3,000 employees is united by one mission: For the People.

We are currently seeking a Senior Application Security Engineer to join our Cybersecurity Team. This role can be based out of any of our offices in the . The ideal candidate will have 3-5 years of experience in a medium to large enterprise in a similar role and a strong understanding of Microsoft Security Development Lifecycle and AWS Well-Architected Framework.

Responsibilities:

- Identify potential risks and develop mitigation plans through threat modeling and risk analysis
- Collaborate with DevOps, QA, and product teams to align security goals with business objectives
- Implement security standards and best practices for applications and APIs
- Ensure secure design patterns and practices are followed by development teams
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Provide expertise on emerging threats and secure coding techniques
- Perform code reviews and recommend mitigations for vulnerabilities
- Integrate security into the SDLC process
- Establish metrics and reporting for security

Requirements:

- Familiarity with current web and application security standards and best practices (OWASP Top 10, MITRE CWE Top 25)
- Deep experience securing applications and APIs on AWS, including services like EC2, Lambda, S3, and API Gateway
- Hands-on experience with modern API security, including REST and GraphQL APIs
- Knowledge of security testing tools (., SAST, DAST, IAST, and RASP)
- Proficiency in securing applications and APIs on cloud platforms (., AWS, Azure, GCP)
- Strong communication skills to effectively communicate business risk from cybersecurity issues
- Successful experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record of conducting threat modeling, security code reviews, and penetration testing for applications and APIs
- Programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire
- Embody trust, dignity, integrity, and accountability
- Self-motivated, ambitious, and action-oriented

Benefits:

- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays

Equal Opportunity Statement:

Morgan & Morgan is committed to providing equal employment opportunities to all employees and applicants for employment. We do not discriminate or tolerate harassment of any kind based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

E-Verify:

As an employer participating in E-Verify, we will provide the federal government with your Form I-9 information to confirm your authorization to work in the . If E-Verify is unable to confirm your authorization, we will provide you with written instructions and the opportunity to contact the Department of Homeland Security or Social Security Administration to resolve the issue before any action is taken against you.

Privacy Policy:

For more information on how we handle your personal data, please refer to our privacy policy linked below.

Join our team at Morgan & Morgan and make a difference in the fight for consumer rights. Apply now and help us protect the people, not the powerful.