Legal Staff Information Technology in Little Rock, AR

Law Firm

Little Rock, AR

Legal Staff Information Technology in Little Rock, AR

Legal Staff

3-5 yrs required

No

Morgan & Morgan is seeking a Senior Application Security Engineer to join their Cybersecurity Team. This role is based in the . and requires 3-5 years of experience in a medium to large enterprise in a similar role. The successful candidate will have a thorough understanding of both the Microsoft Security Development Lifecycle and the AWS Well-Architected Framework and recent development experience with modern languages.


H1: Join Morgan & Morgan as a Senior Application Security Engineer
H2: Protect Consumer Rights as a Senior Application Security Engineer

Key Responsibilities:
- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Collaborate with development teams to ensure secure design patterns and practices
- Establish metrics and reporting for security integration into the SDLC process
- Perform code reviews and vulnerability assessments on applications and APIs
- Advise teams on emerging threats and secure coding techniques
- Define and implement security standards and best practices for applications and APIs

Requirements:
- 3-5 years of experience in a similar role in a medium to large enterprise
- Thorough understanding of Microsoft Security Development Lifecycle and AWS Well-Architected Framework
- Recent development experience with modern languages
- Working knowledge of web and application security standards and best practices
- Hands-on experience with securing applications and APIs on AWS
- Proficiency in securing applications and APIs on cloud platforms
- Excellent communication skills for conveying business risk from cybersecurity issues
- Successful experience in developing and maintaining security policies and procedures
- Proven track record in threat modeling, code reviews, and penetration testing
- Programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire

Benefits:
- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays

Equal Opportunity:
Morgan & Morgan values diversity and provides equal employment opportunities to all employees and applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

E-Verify:
Morgan & Morgan participates in E-Verify and follows all necessary procedures to confirm authorization to work in the .

Privacy Policy:
As an employee of Morgan & Morgan, your privacy will be protected according to the company's privacy policy.


Salary Information:
- $90,000 to $120,000 per year, depending on experience and location

Job Title: Senior Application Security Engineer

Experience: 3-5 years in a similar role in a medium to large enterprise

Location: Jacksonville, Florida, United States · Orlando, Florida, United States · Tampa, Florida, United States

Department: Cybersecurity Team

Responsibilities:
- Identify and mitigate potential threats through threat modelling and risk analysis
- Align security goals with business objectives by working with DevOps, QA, and product teams
- Implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Serve as a subject matter expert on emerging threats and secure coding techniques
- Perform code reviews and recommend mitigations for vulnerabilities
- Integrate security into the software development lifecycle
- Establish metrics and reporting for security integration

Requirements:
- Familiarity with web and application security standards and best practices (OWASP Top 10, MITRE CWE Top 25)
- Experience securing applications and APIs on AWS, including services like EC2, Lambda, S3, and API Gateway
- Knowledge of modern API security, including REST and GraphQL APIs
- Proficiency in using security testing tools (., SAST, DAST, IAST, RASP)
- Ability to secure applications and APIs on cloud platforms (., AWS, Azure, GCP)
- Strong communication skills to convey business risk from cybersecurity issues
- Successful experience in developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record in threat modeling, security code reviews, and penetration testing for applications and APIs
- Programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire

Benefits:
- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays

Equal Opportunity:
Morgan & Morgan values diversity and provides equal employment opportunities to all employees and applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

E-Verify:
Morgan & Morgan participates in E-Verify and follows all necessary procedures to confirm authorization to work in the .

Privacy Policy:
As an employee of Morgan & Morgan, your privacy will be protected according to the company's privacy policy.

Join Morgan & Morgan as a Senior Application Security Engineer and help protect consumer rights against insurance companies, large corporations, and defective goods. As a member of the Cybersecurity Team, you will play a crucial role in identifying and mitigating potential threats, aligning security goals with business objectives, and implementing security standards and best practices for applications and APIs.

Key Responsibilities:
- Identify and mitigate potential threats through threat modelling and risk analysis
- Align security goals with business objectives by working with DevOps, QA, and product teams
- Implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Serve as a subject matter expert on emerging threats and secure coding techniques
- Perform code reviews and recommend mitigations for vulnerabilities
- Integrate security into the software development lifecycle
- Establish metrics and reporting for security integration

Requirements:
-