Senior Security Software Engineer

About the Role

Rocket Lawyer is seeking an experienced, passionate senior security software engineer to join the team and help to ensure security of the RocketLawyer platform and our customer’s data.  In this role, you will spearhead efforts to patch and remediate software and code vulnerabilities. You will work in an agile, cross-functional environment, collaborating with other engineering and product teams to deploy security fixes identified by SAST, SCA, runtime security tools, and penetration testing. Additionally as RocketLawyer continues its effort on Rocket Copilot, our new AI assistant launched in December 2023, you will work with product and engineering teams to ensure that the product is built and coded in a secure manner to mitigate the various threat vectors that AI poses.

We value a fun, collaborative, team-oriented work environment, where we celebrate our accomplishments. 

Responsibilities

• Evaluate security findings from various Application Security tools such as SAST, SCA, and runtime security technologies along with penetration testing reports and user reported vulnerabilities
• Perform on-going security testing and code review to improve software security
• Develop remediation plans based on the vulnerabilities identified and work to resolve these vulnerabilities, looping in other engineering teams as needed
• Troubleshoot and debug issues that arise
• Collaborate with the Cloud infrastructure team to ensure any security fixes are added into our automation processes for future rollouts
• Provide engineering designs for new software solutions to help mitigate security vulnerabilities
• Evaluate AI-assisted technologies for potential efficiencies in more quickly patching software packages and code vulnerabilities
• Provide guidance to team when developing AI functionality to ensure it is being designed securely
• Keep up-to-date with industry trends around security for generative AI and machine learning

Requirements

• Proven work experience as a software security engineer
• 8+ years of experience in software development
• Experience with upgrading open source software packages within complex codebases
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
• Strong programming skills in Java, Kotlin, NodeJS, .NET or similar languages
• Experience building software for cloud infrastructure environments using CI/CD, containers, Docker and Kubernetes
• Familiarity with SAST and SCA tools
• Adequate knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures) and of network/web related protocols

Preferred Qualifications

• BS, MS, or PhD in Computer Science, Mathematics, Statistics, or other quantitative fields, or related work experience
• Experience writing production features leveraging LLMs and generative AI
• Experience or familiarity with AI model evaluation techniques
• Experience with Scala
• Interest in building user-facing products
• Understanding of microservices architectures and distributed systems
• Experience with building data pipelines using technologies such as Snowflake or Hive

Benefits & Perks