Senior Application Security Engineer

Our Story: Litera, headquartered in Chicago, IL, is a fast-growing software company and one of the leading legal technology suppliers in the world. Serving more than 90% of the world's largest law firms, our software is used by hundreds of thousands of lawyers every day. As a company recognized as one of the best places to work, we believe professional development, rewards programs, open communication, and transparent leadership all contribute to a unique and open work environment. Our employees are driven, energetic, passionate, and have the ability to make a direct impact on the future of the company.

The Opportunity

This role will be a part of an energetic and dynamic team of Product / Application security professionals, working closely with business and technology teams servicing a global business & customer base. This role will provide technical expertise in application security testing (SAST, DAST, Manual) and SSDLC execution. The Senior Application Security Engineer will report to the Manager, Application Security and contribute to Litera’s application security evolution.

Key Responsibilities:

  • Perform Application security scanning (manual & automated) and identify mitigations by working closely with Litera’s development teams.
  • Perform application security code reviews and drive the identified code flaws to closure.
  • Develop processes utilizing automation to identify, track and remediate security flaws in our code and cloud estate.
  • Integrate and enforce secure development practices within Litera’s SDLC.
  • Continuously analyze the security profile of our cloud applications and infrastructure while implementing best practice security configurations & design with the DevOps team.
  • Lead penetration testing engagements and remediation efforts for our cloud estate.
  • Perform any other application security / product security architecture related activities as needed.
  • Participate in development training in security, by helping find resources and doing presentations around exploits (in the wild and internal flaws that have already been remediated)

What you Bring:

Technical skills:

  • 4+ years experience in application development and 3+ years experience identifying and remediating application security flaws.
  • Good experience with at least one programming language is a must
  • Experience with source control and build / deployment pipelines (Jenkins, Azure DevOps, GitHub or similar tools).
  • 3+ years of experience working on scanning tools (Veracode, Burp suite, Checkmarx, Acunetix, IBM appscan or similar tools)


  • Experience in integrating security tools with CI/CD pipelines.
  • Excellent understanding of OWASP risks, vulnerabilities, and mitigation mechanisms.
  • Experience disseminating security knowledge and guiding others on security fixes.
  • Knowledge of SSDLC process.
  • Security remediation experience and adoption of security controls & best practices in a public cloud provider (Azure/AWS Cloud preferred) is a plus.
  • Experience working with Infrastructure as Code and DevOps culture and principles is a bonus.

Soft skills:

  • Curiosity, strong initiative, drive and self-direction.
  • Comfort with change and a fast-paced environment - Litera is always acquiring companies and being able to adapt and deal with different technologies is necessary for this job.
  • Good communication skills as this job requires working with all development and product teams across Litera to explain flaws and drive fixes.
  • Leadership skills and capacity to share knowledge to help and act as a role model for less experienced peers.
  • Demonstrate continuous growth and consistency in the performance of the assigned tasks.

What sets us apart?

  • Be part of a team at a proven, fast-growing, industry-leading tech company
  • Generous allocation of paid time off, and flexible work hours
  • Available merit-based cash bonus plan
  • Many opportunities for rewards and recognition
  • Have fun with your peers while enjoying random ice cream and bagel parties, cold brew tap, keg, and an occasional ping pong game!

If you want to be part of our team, please apply today!

Attach your resume (in English)

Shikime 1,568
Kategoria Teknologji e Informacionit
Skadon 13/04/23 (20 ditë)
Orari Full Time
Lokacioni Prishtinë
KosovaJob është rrjeti më i madh i punësimit në Kosovë i certifikuar nga Bureau Veritas me ISO 9001:2015 Standardet për kualitet