Security Engineer (Vulnerability Management)
What Relativity Has to Offer:
Job details
Posting Type
Hybrid
Job Overview
As a Security Engineer on the Vulnerability Management team at Relativity, you will work with other teams both inside and outside of the Security department to ensure the security of our infrastructure and products.This is an opportunity to work in a security department focused on DevSecOps in a rapidly expanding tech company, where you'll be helping secure both company infrastructure and a dynamic web system built on top of containers, native cloud applications, and other modern technology stacks.
These things will be key to be successful in this role:
-You are motivated to be part of an international team in a security-focused environment within the Legal Tech industry.
-You want to help empower engineers to build secure products.
-You want to have a real impact on the security of the leading Legal Data Intelligence product.
-You enjoy and thrive in cross-functional collaboration.
-You enjoy being exposed to a variety of modern technologies.
-You are passionate about DevSecOps.
Job Description and Requirements
Role Responsibilities
What are the core duties of this role?
Support the Vulnerability Management program by contributing to scalable processes and enabling the adoption of security services.
Assist in developing and maintaining automation and reusable tooling to improve efficiency across the program.
Maintain and optimize vulnerability scanning tools by performing updates, resolving issues, monitoring performance, and coordinating with vendors to ensure reliable and accurate risk data.
Implement and direct Vulnerability Management processes. Oversee the entire vulnerability management lifecycle: Discovery, Prioritization, Assessment, Reporting, Remediation, and Verification.
Assist in improving configuration management practices by identifying misconfigurations, contributing to standards, and supporting efforts that enhance efficiency, effectiveness, and compliance.
Actively swarm on high‑urgency vulnerability response events by rapidly triaging findings, determining impact radius, coordinating with responsible teams, and driving swift remediation to reduce risk as quickly as possible.
Contribute to team objectives aimed at reducing overall risk and identifying new areas of exposure.
Collaborate with internal teams to validate and remediate findings from vulnerability scans, third-party assessments, and the Bug Bounty Program.
Improve configuration management practices to enhance efficiency, effectiveness, and compliance.
Perform threat modeling to assess the severity of a vulnerability.
Participate in sessions and events to enhance the skills and expertise of the team, fostering a culture of continuous learning and improvement.
Enhance risk visibility by reporting on relevant metrics.
Minimum qualifications:
Familiarity with common software vulnerabilities (ex: OWASP Top 10) and their remediations.
Bachelor’s degree in Computer Science, Cybersecurity, or related field OR equivalent experience.
Experience with cloud platforms (e.g., Azure, AWS) and containerization technologies.
Excellent verbal and written communication skills, with the ability to articulate complex security concepts to both technical and non-technical stakeholders.
Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges.
Preferred qualifications:
1 year of experience on a security team.
Knowledge of professional software engineering practices & software development life cycle (SDLC), including coding standards, code reviews, source control management, build processes, testing, and operations.
Experience with modern vulnerability scanning tools.
Experience deploying Infrastructure as Code “IaC” such as Pulumi.
Proficiency in at least 1 modern Object-Oriented Programming (OOP) language, preferably .NET.
Experience working in a SaaS environment operating on a global scale.
Experience in the legal space.
Experience working with container vulnerability scanning tools.
Experience working with Azure.
Experience working with FedRAMP.
Relativity is a diverse workplace with different skills and life experiences - and we love and celebrate those differences. We believe that employees are happiest when they're empowered to be their full, authentic selves, regardless how you identify.
Benefit Highlights:
Comprehensive health, dental, and vision plans
Parental leave for primary and secondary caregivers
Flexible work arrangements
Two, week-long company breaks per year
Additional time off
Long-term incentive program
Training investment program
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.
Relativity is committed to competitive, fair, and equitable compensation practices.
This position is eligible for total compensation which includes a competitive base salary, an annual performance bonus, and long-term incentives.
The expected salary range for this role is between following values:
138 000 and 206 000PLNThe final offered salary will be based on several factors, including but not limited to the candidate's depth of experience, skill set, qualifications, and internal pay equity. Hiring at the top end of the range would not be typical, to allow for future meaningful salary growth in this position.
Required Skills:
Cybersecurity, Cyber Threat Intelligence, Information Security, Intrusion Detection, Network Security, Security Architecture Design, Security Audit, Security Engineering, Security Operations, Vulnerability Management