Senior Software Security Engineer
About The Position
Everlaw is seeking a Senior Security Engineer to join their technical security team. Security is a strategic pillar at Everlaw, and this role is crucial for executing the company's strategy and protecting customer data. The company emphasizes the importance of protecting sensitive information, managing high-profile cases, and adapting to evolving technologies across various data platforms. The Security Engineering team collaborates across departments to build and operate a secure platform that meets stringent security and compliance requirements, focusing on confidentiality, integrity, and availability of information. Everlaw fosters a vibrant culture committed to professional growth, offering an annual learning and development stipend and regular career check-ins. They encourage applications from candidates who may not meet every qualification but believe they can bring value.
Requirements
- At least 4 years of experience working in security.
- Programming skills in at least one scripting language (like Python).
- Ability to spot problems, figure out how to exploit or defend against them, and ensure they are fixed.
- Ability to collaborate effectively with coworkers on different teams.
- Ability to explain technical concepts without jargon and keep security relatable.
- Willingness to find creative ways to improve security without blocking others.
- Understanding of effective security processes.
- Authorized to work in the United States without restrictions.
Nice To Haves
- Previous experience with SaaS environments and distributed systems.
- Programming skills in at least one compiled language (like Java).
- Experience with AWS, Terraform, Ansible, git, and other infrastructure, development, and operations tools.
Responsibilities
- Lead a team of security engineers to build and integrate tools for a scalable and efficient secure software development lifecycle (SSDLC).
- Guide and develop the skills of other security engineers.
- Advise other engineers on building a secure platform, including leading threat modeling sessions, conducting security design reviews, and reviewing code and configuration changes for security concerns.
- Build security improvements on AWS accounts, focusing on authentication, authorization, threat detection, encryption, and reducing attack surface, with a vision including IAM, AWS Security Hub, Amazon GuardDuty, AWS Config, Service Control Policies, and AWS Firewall Manager.
- Collaborate with Engineering, Engineering Operations, IT, and GRC teams to meet operational security commitments by probing for vulnerabilities, assessing risk, and advising on responses.
- Triage security events and respond to security incidents, including containment, recovery, and minimizing recurrence.
- Develop new security processes, procedures, and runbooks, and refine existing ones to support Everlaw's rapid growth.
- Find creative solutions to problems without hindering innovation, fostering a security mindset among coworkers and helping them think like an attacker.
Benefits
- The expected salary range for this role is between $215,000 - $272,000.
- Equity program
- 401(k) retirement plan with company matching
- Health, dental, and vision
- Flexible Spending Accounts for health and dependent care expenses
- Paid parental leave
- Approximately 10 days (80 hours) per year of sick leave
- Seventeen paid vacation days
- 11 federal holidays
- Membership to Modern Health
- Annual allocation for Learning & Development opportunities and applicable professional membership dues
- Company-sponsored life and disability insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
