Legal Staff Information Technology in Lincoln, NE

Law Firm

Lincoln, NE

Legal Staff Information Technology in Lincoln, NE

Legal Staff

3-5 yrs required

No

Job Title: Senior Application Security Engineer
Location: Jacksonville, Orlando, or Tampa, Florida, United States
Salary: Based on experience
Experience: 3-5 years in a medium to large enterprise

Introduction:

- Join a team dedicated to fighting for consumer rights at Morgan & Morgan, a leading personal injury law firm in the United States
- Be a part of a diverse and motivated team of over 3,000 employees united by one mission: For the People
- Work in a fast-paced and dynamic environment with opportunities for growth and development

Responsibilities:

- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Collaborate with DevOps, QA, and product teams to align security goals with business objectives
- Define and implement security standards and best practices for applications and APIs
- Ensure secure design patterns and practices are followed by development teams
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert on emerging threats and secure coding techniques
- Perform code reviews to identify vulnerabilities and recommend mitigations
- Integrate security into the software development lifecycle process
- Establish metrics and reporting for security performance

Requirements:

- Knowledge of current web and application security standards and best practices such as OWASP Top 10 and MITRE CWE Top 25
- Experience securing applications and APIs on AWS, including services like EC2, Lambda, S3, and API Gateway
- Hands-on experience with modern API security, including REST and GraphQL APIs
- Familiarity with security testing tools such as SAST, DAST, IAST, and RASP
- Proficiency securing applications and APIs on cloud platforms like AWS, Azure, and GCP
- Excellent communication skills in conveying business risk from cybersecurity issues
- Successful experience in developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record in threat modeling, security code reviews, and penetration testing for applications and APIs
- Demonstrable programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire, such as AWS Certified Security - Specialty or Offensive Security certifications
- Strong moral values, self-motivated, ambitious, and action-oriented

Benefits:

- Competitive salary based on experience
- Medical and dental insurance
- 401(k) plan
- Paid time off and holidays
- Opportunities for career growth and development

Equal Opportunity Statement:

Morgan & Morgan is an equal opportunity employer and prohibits discrimination and harassment of any kind. We value diversity and do not discriminate based on race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.

E-Verify:

Morgan & Morgan participates in E-Verify to confirm employment eligibility of all employees. If E-Verify is unable to confirm eligibility, the employer will provide instructions and an opportunity to resolve the issue with the appropriate government agency before taking any action against the employee.

Privacy Policy:

For information on how Morgan & Morgan handles personal information, please refer to our privacy policy.