Legal Staff Information Technology in Kissimmee, FL

Law Firm

Kissimmee, FL

Legal Staff Information Technology in Kissimmee, FL

Legal Staff

3-5 yrs required

No

The law firm of Morgan & Morgan is seeking a Senior Application Security Engineer to join their Cybersecurity Team. This is a full-time position with excellent benefits, including medical and dental insurance, a 401(k) plan, and paid time off and holidays. The successful candidate will have 3-5 years of experience in a medium to large enterprise in a similar role, recent development experience with modern languages, and a thorough understanding of both the Microsoft Security Development Lifecycle and the AWS Well-Architected Framework.

Responsibilities:

- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Work with DevOps, QA, and product teams to align security goals with business objectives
- Define and implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Conduct vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert advising teams on emerging threats and secure coding techniques
- Perform code reviews to identify vulnerabilities and recommend mitigations
- Create security integration into the SDLC process
- Establish metrics and reporting

Requirements:

- 3-5 years of experience in a similar role in a medium to large enterprise
- Recent development experience with modern languages
- Thorough understanding of the Microsoft Security Development Lifecycle and the AWS Well-Architected Framework
- Working knowledge of current web and application security standards and best practices
- Deep experience securing applications and APIs on AWS
- Hands-on experience with modern API security
- Recent experience with security testing tools
- Proficiency securing applications and APIs on cloud platforms
- Excellent communication skills for communicating business risk from cybersecurity issues
- Successful experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Proven track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs
- Demonstrable programming experience in Python, TypeScript, and C#
- Agreement to obtain relevant certifications within six months of hire

The successful candidate will be self-motivated, ambitious, and action-oriented, embodying trust, dignity, integrity, and accountability. They must also be able to pass a background check and agree to participate in E-Verify.

The Senior Application Security Engineer will be responsible for conducting threat modelling and risk analysis, defining and implementing security standards, collaborating with development teams, and establishing metrics and reporting. They must have a working knowledge of current web and application security standards and best practices, as well as deep experience securing applications and APIs on AWS.

In addition, the successful candidate must have recent experience with security testing tools, proficiency securing applications and APIs on cloud platforms, and excellent communication skills for conveying business risk from cybersecurity issues. They must also have a proven track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs.

The ideal candidate will also have demonstrable programming experience in Python, TypeScript, and C#, and agree to obtain relevant certifications within six months of hire. They must also be self-motivated, ambitious, and action-oriented, embodying trust, dignity, integrity, and accountability.

This is a full-time position with excellent benefits, including medical and dental insurance, a 401(k) plan, and paid time off and holidays. Morgan & Morgan is dedicated to providing equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type. They also participate in E-Verify and have a privacy policy in place to protect employee information.

In this role, the Senior Application Security Engineer will be responsible for conducting threat modelling and risk analysis, defining and implementing security standards, collaborating with development teams, and establishing metrics and reporting. They will also have the opportunity to work with DevOps, QA, and product teams to align security goals with business objectives and act as a subject matter expert advising teams on emerging threats and secure coding techniques.

The successful candidate must have 3-5 years of experience in a similar role in a medium to large enterprise, recent development experience with modern languages, and a thorough understanding of the Microsoft Security Development Lifecycle and the AWS Well-Architected Framework. They must also have a working knowledge of current web and application security standards and best practices, deep experience securing applications and APIs on AWS, and hands-on experience with modern API security.

Additionally, the Senior Application Security Engineer must have recent experience with security testing tools, proficiency securing applications and APIs on cloud platforms, and excellent communication skills for conveying business risk from cybersecurity issues. They must also have a proven track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs, as well as demonstrable programming experience in Python, TypeScript, and C#.

The successful candidate must also agree to obtain relevant certifications within six months of hire and be self-motivated, ambitious, and action-oriented, embodying trust, dignity, integrity, and accountability. They must also be able to pass a background check and participate in E-Verify.

If you are a motivated and curious individual with a passion for cybersecurity and a desire to make a difference in the fight for consumer rights, this may be the perfect opportunity for you. Join Morgan & Morgan as a Senior Application Security Engineer and be a part of a team dedicated to protecting the people, not the powerful.