Legal Staff Information Technology in Tampa, FL

Law Firm

Tampa, FL

Legal Staff Information Technology in Tampa, FL

Legal Staff

3-5 yrs required

No

Senior Application Security Engineer - Protecting Consumer Rights at Law Firm

Morgan & Morgan, a leading personal injury law firm, is seeking a Senior Application Security Engineer to join their Cybersecurity Team. With over 3,000 employees united by a mission to fight for the people, this role will play a crucial role in protecting consumer rights against insurance companies, large corporations, and defective goods. The successful candidate will have 3-5 years of experience in a medium to large enterprise and a strong understanding of security standards and best practices.

Key Responsibilities:

- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Align security goals with business objectives in collaboration with DevOps, QA, and product teams
- Define and implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Perform vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert on emerging threats and secure coding techniques
- Perform code reviews and recommend mitigations
- Integrate security into the SDLC process
- Establish and report on metrics

Requirements:

- Familiarity with current web and application security standards and best practices (OWASP Top 10, MITRE CWE Top 25)
- Deep experience securing applications and APIs on AWS, including EC2, Lambda, S3, and API Gateway
- Hands-on experience with modern API security, including REST and GraphQL APIs
- Recent experience with security testing tools (., SAST, DAST, IAST, and RASP)
- Proficiency securing applications and APIs on cloud platforms (., AWS, Azure, GCP)
- Strong communication skills in conveying business risk from cybersecurity issues
- Proven experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs
- Programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire

Benefits:

- Excellent benefits package, including medical and dental insurance, 401(k) plan, paid time off, and paid holidays

Equal Opportunity Statement:

Morgan & Morgan is committed to providing equal employment opportunities to all employees and applicants for employment without discrimination or harassment based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

E-Verify:

Morgan & Morgan participates in E-Verify and will provide the federal government with your Form I-9 information to confirm your authorization to work in the . If E-Verify cannot confirm your authorization, you will be given the opportunity to resolve the issue before any action is taken against you, including termination of employment. Employers can only use E-Verify after a job offer has been accepted and the I-9 Form has been completed.

Privacy Policy:

For more information on Morgan & Morgan's privacy policy, please visit the provided link.