Senior Software Engineer - BLAW Application Security
New York, NY
Posted Jan 17, 2023 - Requisition No. 111722
Bloomberg Law is changing the legal technology sector by delivering the most sophisticated research platform on the market with a focus on automation, analytics and real-time answers! Our goal is to become indispensable in the everyday activities of our users and provide solutions that help them get real-time answers accurately and fast. The platform consists of a large Ruby on Rails web application powered by dozens of Java services, an expansive Solr index and complex data enrichment pipelines, hosted on-prem and on the AWS cloud.
We, the Frameworks & Security team at BLAW, are focused on enhancing the platform to bring efficiency to the Product pipelines as well as Business operations, while maintaining high Security standards and Data Privacy protocols. We help engineering teams design, build and deploy software solutions which are secure, reliable and scalable by providing necessary tools and techniques to follow a security-first approach in their daily SDLC workflows.
What's in it for you:
You are responsible for facilitating the delivery of secure applications. You will help other engineering teams with secure development practices, lead security projects with end-to-end ownership, perform periodic security checks and automate them, and participate in secure architecture reviews for new products and services.
We'll trust you to:
- Develop a deep understanding of the architecture and components of the BLAW platform and implement tools and solutions with a security-first approach.
- Be comfortable working on different parts of the stack (front-end and services) with different languages and technologies and collaborate with all teams to help deliver secure software with adequate data privacy controls.
- Build security controls and solutions for products and services developed and deployed for both on-prem and AWS cloud environments.
- Conduct technical research when necessary to contribute to setting cloud security direction and strategy. Create and maintain security guidance regarding recent frameworks and trends from the Application Security domain.
You need to have:
- Bachelor’s degree or higher in information security or equivalent experience. One or more Security certifications, such as CEH, CompTIA Security+ etc will be nice to have.
We’d love to see:
- Knowledge of secure development techniques and vulnerabilities including the OWASP Top 10. Experience with security hardening and prevention including CI-level security controls, Web-security prevention techniques, Storage/Transit encryption, zero-trust architectures, API security etc.
- Experience in implementing AuthN/AuthZ solutions, OAuth/SAML, authorization for APIs/web-services/mobile apps, digital signatures/encryption with access-tokens, encrypted cookies etc.
- Experience building secure, scalable and fault-tolerant distributed systems on AWS, and exposure to Kubernetes and Docker is preferred.
Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or maternity/parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law.
Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email email@example.com.
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation [Exempt roles only], paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Salary Range: 160,000 - 240,000 USD Annually + Benefits + Bonus