Legal Staff Information Technology in Medford, MA

Law Firm

Medford, MA

Legal Staff Information Technology in Medford, MA

Legal Staff

3-5 yrs required

No

Job Title: Senior Application Security Engineer at Morgan & Morgan Law Firm in Florida

Experience: 3-5 years in a medium to large enterprise

Salary: Competitive, based on experience

Location: Jacksonville, Orlando, or Tampa, Florida, United States

Responsibilities:
- Conduct threat modelling and risk analysis to identify exposure and develop mitigation plans
- Align security goals with business objectives for DevOps, QA, and product teams
- Define and implement security standards and best practices for applications and APIs
- Collaborate with development teams to ensure secure design patterns and practices
- Perform vulnerability assessments and penetration testing on applications and APIs
- Act as a subject matter expert on emerging threats and secure coding techniques
- Conduct code reviews to identify vulnerabilities and recommend mitigations
- Integrate security into the SDLC process
- Establish metrics and reporting for security measures

Requirements:
- Working knowledge of web and application security standards and best practices (OWASP Top 10, MITRE CWE Top 25)
- Deep experience securing applications and APIs on AWS, including services like EC2, Lambda, S3, and API Gateway
- Hands-on experience with modern API security, including REST and GraphQL APIs
- Recent experience with security testing tools (., SAST, DAST, IAST, and RASP)
- Proficiency securing applications and APIs on cloud platforms (., AWS, Azure, GCP)
- Ability to effectively communicate business risk from cybersecurity issues
- Experience developing, implementing, and maintaining security policies, standards, procedures, and secure SDLCs
- Track record of performing threat modeling, security code reviews, and penetration testing for applications and APIs
- Programming experience in Python, TypeScript, and C#
- Willingness to obtain relevant certifications within six months of hire
- Strong ethical values and self-motivation

Benefits:
- Competitive salary and benefits package, including medical and dental insurance, 401(k) plan, paid time off, and paid holidays
- Opportunity to work for a leading personal injury law firm dedicated to protecting consumer rights

Equal Opportunity Statement:
Morgan & Morgan is committed to providing equal employment opportunities to all employees and applicants for employment. Discrimination and harassment of any kind are prohibited without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

E-Verify:
Morgan & Morgan participates in E-Verify and will provide the federal government with your Form I-9 information to confirm your authorization to work in the . If E-Verify is unable to confirm your authorization, you will be given written instructions and an opportunity to resolve the issue before any employment action is taken. Employers can only use E-Verify after a job offer has been accepted and the I-9 Form has been completed.

Privacy Policy:
To learn more about Morgan & Morgan's privacy policy, please visit the following link: [insert link].

Join the Fight for Consumer Rights:
At Morgan & Morgan, we are united by one mission: For the People. As a Senior Application Security Engineer, you will play a crucial role in ensuring the security of our applications and APIs, protecting millions of Americans from insurance companies, large corporations, and defective goods. Join our team and make a difference in the fight for consumer rights.