Senior Product Security Engineer at Rocket Lawyer | Powderkeg
Back to Rocket Lawyer Careers

Location: San Francisco or London

Employment Type: Full time

Team: Opportunities

About Rocket Lawyer

We believe everyone deserves access to affordable and simple legal services.

Founded in 2008, Rocket Lawyer is the largest and most widely used online legal service platform in the world. With offices in North America and Europe, Rocket Lawyer has helped over 25 million people create over 50 million legal documents , and get their legal questions answered.

We are in a unique position to enhance and expand the Rocket Lawyer platform to a scale never seen before in the company’s history, to capture audiences worldwide. We are expanding our team to take on this challenge!

Responsibilities

  • Work closely with engineering teams and product managers to ensure that RocketLawyer’s products are secure.
  • Conduct regular threat models, code reviews and dynamic testing to proactively find potential vulnerabilities.
  • Deploy and operationalize a software composition analysis (SCA) solution.
  • Build and operationalize a bug bounty program.
  • Push vulnerability fixes with assistance from engineering teams where appropriate.
  • Assist in creating secure coding training and run a security champions program.
  • Build security requirements and instill secure coding best practices.
  • Development of automated security testing to validate that secure coding best practices are being used.
  • Analyze, assess, and respond to various internet threats.

Qualifications

  • Development or scripting experience and skills. Java & JavaScript is preferred.
  • Ability to conduct code review and provide advice on secure product design.
  • Familiarity with common security libraries, security controls, OWASP and common security flaws.
  • Hands-on experience with SAST, DAST & SCA tools (Checkmarx, Synk, OWASP ZAP, Burp etc).
  • Good understanding of network and web related protocols (such as TCP/IP, mTLS, HTTPS etc).
  • Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.

Preferred Qualifications

  • Contributions to the security community (blogging, presentations, CTFs, bug bounties etc).
  • B.S. or M.S. Computer Science or related field.
Job Summary
  • Job Title
    Senior Product Security Engineer
  • Company
    Rocket Lawyer
  • Location
    San Francisco, CA
  • Employment Type
    Full time
Ready to apply?
Ready to apply?