Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Application Security Engineer

extra holidays - extra parental leave
Remote: 
Full Remote
Contract: 
Full time
Work from: 
United States

Offer summary

Qualifications:

4+ years in information technology/security with application security emphasis., BS/MS in information security or computer science., Experience with scripting languages like JavaScript or Python., Strong project management experience..

Key responsabilities:

  • Review code for security vulnerabilities and assist in remediation.
  • Lead vulnerability management program and develop best practices.
Filevine logo
Filevine Scaleup https://www.filevine.com/
201 - 500 Employees
About Filevine
Filevine is changing the way legal work gets done for law practitioners and their clients. As the leading legal work platform, Filevine is dedicated to empowering all organizations with tools to simplify and elevate complex, high-stakes legal work. Powering everything from document management and client communication to contract lifecycle management and business analytics, over 25,000 legal professionals use Filevine daily to deliver excellence in every contract, deadline, and result. Filevine is recognized on the Deloitte Fast 500, has been named one of the Utah Business Fast 50 and is among the top 50 fastest-growing privately-owned software companies according to the 2021, 2022, and 2023 Inc. 5000 list.Filevine believes in a brighter future where the intersection of legal work and business is made more seamless, transparent, and effortless for all legal professionals and everyone they interact with through the power of legal technology.
See all jobs

Job description

Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We’re also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field—we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc.

Our Mission
Filevine is building the seamless intersection between legal and business by creating a world- class platform to help professionals scale.

Department Statement: 
The Information Security team ensures security engineering efforts are effective and aligned with industry standards and best practices.    

Job Summary:
Filevine is looking for a Application Security Engineer to join our Information Security team to ensure that our platform, applications, and infrastructure are compliant and secured at the highest levels, thus protecting, and enhancing customer trust. If you are bright, hardworking, ambitious and enjoy taking ownership for security and compliance, we want to talk to you. This is an exciting opportunity to join a world-class team.

Responsibilities
  • Review code for security vulnerabilities and assist in remediation.
  • Maintain accurate library dependency trees and correlate with CVE information.
  • Support penetration testing efforts in the company, including coordinating customer-initiated penetration tests and remediation efforts.
  • Provide primary support for private bug bounty or public bug bounty efforts and facilitate remediation with appropriate development teams. 
  • Investigate claims of application security incidents.
  • Provide vulnerability remediation efforts and lead the vulnerability management program for the security team.
  • Identify end of support (EoS) and vulnerable libraries and code components which need to be prioritized for remediation and lead efforts of documenting and scoping necessary work.  
  • Develop company-wide best practices for product and platform security.
  • Research security enhancements and make recommendations to management.
  • Stay up-to-date on application security trends and development standards.

    • Qualifications
  • 4+ years combined in information technology/security with emphasis on application security.
  • A BS/MS degree in a technical field such as information security or computer science can be considered as supplementary experience.
  • Experience with scripting and development languages (e.g., JavaScript, Python, C++)
  • Automation skills are required.
  • Strong history in advising and executing red-teaming exercises and alerting the SOC for appropriate incident response.
  • High degree of familiarity with web application security best practices and implementing secure enterprise web applications.
  • Significant experience with SIEM and logging technologies.
  • Knowledgeable with Threat Hunting practices.
  • Experience with SDLC processes and creating code scanning automations and run books / play books.
  • Experience with SAST scanning tools for code scanning and remediation processes.
  • Experience with DAST scanning tools for application testing 
  • Experience with hardening web services, load balancers and web application endpoints.
  • Experience with Configuring WAF solutions and ensuring rules are aligned with the OWASP Top 10 recommendations.  
  • Experience with AWS, GCP and Azure cloud infrastructure security.
  • Working knowledge of security requirements for SOC 2 Type I & II, HIPAA, GDPR, CCPA and CJIS. 
  • Strong project management experience.
  • A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges.
  • Strong team player and work ethic are essential.

    • Preferred Qualifications
  • Significant experience with software engineering, incident response and security operations best practice.
  • Significant experience with orchestration and observability tools.
  • CCIE certification or equivalent experience. 
  • CISSP certification or equivalent experience. 
  • OSCP/GPEN/GXPN certification or equivalent experience.
  • GSEC certification or equivalent experience.
  • CISM certification or equivalent experience.
    • Cool Company Benefits:
    - A dynamic, rapidly growing company, focused on helping organizations thrive 
    - Medical, Dental, & Vision Insurance (for full-time employees)
    - Competitive & Fair Pay
    - Maternity & paternity leave (for full-time employees)
    - Short & long-term disability
    - Ergonomic and height-adjustable workstations for onsite employees
    - Opportunity to learn from a dedicated leadership team
    - Centrally located open office building in Sugar House (onsite employees)
    - Top-of-the-line company swag

    Privacy Policy Notice
    Filevine will handle your personal information according to what’s outlined in our Privacy Policy.

    Required profile

    Experience

    Spoken language(s):
    English
    Check out the description to know which languages are mandatory.

    Hard Skills

    Application SecurityVulnerability ManagementCloud SecurityWeb Application SecuritySASSScriptingProject ManagementCode ReviewPenetration TestingThreat AssessmentApplication Development LanguagesIncident ResponseAutomation StudioRed TeamingObservability

    Other Skills

    • Persistence
    • Teamwork
    • Curiosity
    • Problem Solving
    Are you interested?

    Security Engineer Related jobs

    See more Security Engineer jobs