At Relativity, we make software to help users organize data, discover the truth, and act on it. Our e-discovery platform is used by more than 13,000 organizations around the world to manage large volumes of data and quickly identify key issues during litigation, internal investigations, and compliance projects.

Here you can own your career in a community of values-driven people who help our customers around the world solve complex data challenges. If this sounds like the place for you, check out the details of this position below.

As the Lead Security Engineer on our Vulnerability Management Team, you will be focused on:

Owning the vulnerability management program and establishing a bug bounty program focusing on Relativity’s products and resources. You will be working with various application and system owners to report vulnerabilities, drive remediations, and improve our current processes. The ideal candidate will have strong experience performing vulnerability assessments, performing penetration tests at scale, and Operating multi-faceted vulnerability management programs. You will love this job if you enjoy working with others and driving improvements, collaboration, and maturation across an organization via process, automation, and data.

Responsibilities

• Drive vulnerability patching, accountability, and security hygiene across the enterprise
• Author clear, authoritative responses to vulnerability queries
• Provide guidance to teams regarding the impact of security issues
• Define and track KPIs to measure vulnerability trends, and report on success from both a business and technology perspective
• Conduct reviews and recommend layered defenses to prevent exploits, detect and disrupt attacks
• Implement and refine processes, capabilities, and techniques for vulnerability management and security testing
• Assist compliance and risk management activities, recommending security controls and corrective actions to mitigate risks
• Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology partners and assist teams with properly mitigating and remediating issues
• Collaborate with appropriate internal teams to refine penetration testing methods and breadth of security services

Preferred Qualifications

• Experienced in vulnerability assessment and penetration testing.
• Experience managing vulnerability management and security testing for cloud services
• Expert knowledge of common vulnerability frameworks (CVSS, OWASP Top 10).
• Expert knowledge of system, application, and database hardening techniques and practices.
• Expert knowledge of Internet security and networking protocols.
• Experience with software development and skillful in a scripting language (Python/Ruby)
• Ability to interact effectively at all levels of an organization, across diverse cultural and linguistic barriers, and as part of a geographically distributed team.
• Self-motivated, team player, and detail oriented.
• Excellent written and verbal communications.
• Hands on experience with ticketing systems (e.g. Jira/ServiceNow), vulnerability scanners (e.g. Nessus/Qualsys), visualization (e.g. Looker/Tableau), and risk management platforms (e.g. Kenna/Resolver)
• Ideally CISSP / CISM GSEC certified or equivalent experience.

Minimum Qualifications

• 5+ years of experience in vulnerability assessment and penetration testing.
• Knowledge of common vulnerability frameworks (CVSS, OWASP Top 10).
• Strong understanding of vulnerability management and security testing practices and methodologies.
• Knowledge of vulnerability frameworks, application vulnerabilities and network protocols

#LI-SN1

Relativity has over 160,000 users in 40+ countries from organizations including the U.S. Department of Justice, more than 70 Fortune 100 companies, and all of the Am Law 200. Relativity's cloud solution, RelativityOne, offers all the functionality of Relativity in a secure and comprehensive SaaS product. Our company has also been named one of Chicago's Top Workplaces by the Chicago Tribune for seven consecutive years.

If you’re ready to grow with us, we’d love to hear from you.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.