Advanced Software Security Engineer 21-0056

We are Relativity. A market-leading, global tech company that equips legal and compliance professionals with a powerful platform to organize data, discover the truth, and act on it.  The US Department of Justice, 199 of the Am Law 200, and more than 329,000 enabled users trust Relativity during litigation, internal investigations, and compliance projects. Our SaaS product, RelativityOne, has become the fastest-growing product in the company's history and we have consistently been named a great workplace. As we grow, we continue to seek individuals that will bring their whole, authentic self to our team.  We believe that great talent is not bound by geography and that what you do matters more than where you do it. Relativity has assumed a hybrid work strategy, allowing choice and flexibility for employees to work either from home, a physical Relativity office location (once safe to do so), or a combination of the two, within certain logistical boundaries. Submit your application to learn more from our recruiters or contact us for more details.  
If you're interested in learning more about our benefits, click here.
On the Application Security team, we're focused on working with Relativity’s engineering teams to create solutions protecting our customer’s data. As part of the Application Security team, you will provide solutions, verify implementations and perform penetration tests. 

You might like this role if you love:

• learning about new technologies and their secure implementation
• finding security vulnerabilities and helping team fix them
• thinking about problems and solving the root cause instead of just the current symptoms
• sharing your knowledge with others

Responsibilities:

• providing general guidelines for preventing commonly found vulnerabilities by defining and updating security requirements
• performing threat modeling on products, even if they don't fit a common pattern
• reliably estimating the likelihood of given threats when building a threat model
• conducting code reviews
• interacting with project teams to seek implementation and completion of security requirements
• documenting processes based on established guidelines
• identifying or writing exploit code for high complexity vulnerabilities such as remote code execution, memory corruption or SQL injection
• defining pen test plans through stories/tasks for moderately complex applications such as those deployed to Relativity platform (ADS app) or those involved in security critical workflows (e.g. authentication)

Qualifications:

• experience in building threat models for web applications
• familiarity with common software vulnerabilities (e.g. OWASP Top 10) and their remediation
• deep interest in security architecture of applications and technologies (Web, Kubernetes, Network)
• ability to follow established processes
• ability to juggle several high visibility projects
• ability to read code in mainstream programming languages such as Python, C#, Java
• university degree or relevant experience

At Relativity, we live our core values and we thrive on solving complex problems. We’re dedicated to continually improving our product and providing relentless customer service, and we’re always looking for people to join us on the journey.   Relativity is a team of smart, passionate people always looking to grow, contribute, and make our product and customer service the best it can be. Our team members come from diverse backgrounds with different skills and life experiences—and we love and celebrate those differences. We believe that employees are happiest when they’re empowered to be their full, authentic selves, regardless how you identify.  So, please come as you are. We can’t wait to meet you. 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.