Security Engineer (Security Operations)

Everlaw is looking for a Security Engineer. Reporting to the Manager, Security Engineering, you will be a member of the technical security operations team at the company. Security is one of the main strategic pillars at Everlaw, and we are looking for someone to help us execute on that strategy and protect our most valuable asset--our customer data.

Everlaw's customers entrust us with some of their most sensitive information, and it takes dedication and care to protect it. Some of the world's most high-profile cases are managed using the Everlaw Platform. We set a high bar to do what's right by our users.  Tackling litigation with technology presents deep challenges. Data is spread across distributed systems, stored in varied databases, housed at different physical locations. Keeping our users' data safe requires a passion for learning new technologies because we have to be good custodians no matter whether data flows through a Web application, gets stored in a data warehouse, or is used to train the latest machine learning algorithms. We are dedicated to continuously learning and improving our processes to achieve our mission.

Security Engineering supports teams across Everlaw in creating and operating a secure platform that meets the security and compliance requirements of our customers and company.  We collaborate, build, and use technology to make it easy to do the right thing.  We seek to understand people's needs and strive to protect confidentiality, integrity, and availability of information.

At Everlaw, our mission is to promote justice by illuminating truth. Our company culture is open and vibrant and we’re committed to the professional growth of our team members, offering an annual learning and development stipend and regular check-ins with managers regarding career goals. If you’re looking for a place that values passion, integrity, thinking big, and a desire to learn, we’d love to hear from you! Think you’re missing some of the skills and are hesitant to apply? We do not believe in the ‘perfect’ candidate and encourage you to apply if you feel you can bring value to our team.  

This is a full-time, exempt position located onsite (3 days/week in office) in Oakland, California.

• We want you to feel like part of the team early on! Our onboarding process will integrate you into the company with informative sessions on our product, policies, processes, and team structure and goals.
• We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and uplevel the team, but we don’t expect you to know everything on Day 1.

• Support the team to drive improvements in our vulnerability management, threat detection, and incident response capabilities, contributing your perspective to help the team grow.
• Triage security events and respond to security incidents, taking action to contain them, guiding recovery of normal operations, and reducing the likelihood of recurring threats.
• Strengthen threat detection and response systems that safeguard both our cloud infrastructure, third-party integrations, and platform services.
• Develop and refine security processes, procedures, and runbooks that allow our security posture to scale as the company grows.
• Manage and tune AWS security services (IAM, Security Hub, GuardDuty, Config) for effective threat detection, access control, and continuous monitoring.
• Collaborate with Engineering, Engineering Operations, Corporate Security, and GRCT teams to help meet our operational security commitments by probing for vulnerabilities, assessing risk, and advising on how to respond to them.
• Advise other engineers and partners on building a secure platform by leading threat modeling sessions, conducting security design reviews, and reviewing code and configuration changes for security concerns.
• Proactively solve security challenges and foster a security mindset with innovative, security-conscious coworkers across Everlaw.

• You have at least 1-3 years of experience working in a security-focused role.
• You have experience in handling security events and incidents from initial triage through to remediation.
• You have programming skills in at least one scripting language (like Python) and are comfortable navigating a Linux environment.
• You have experience with security tools like vulnerability scanners (Nessus/Trivy), HIDS/NIDS (Wazuh/Zeek), and SIEM/SOAR platforms (Splunk/ELK/Datadog).
• You understand the vulnerability lifecycle and have experience detecting, prioritizing, and remediating vulnerabilities.
• You have written detection rules and response processes for security specific events.
• You can explain technical concepts without jargon, keeping security relatable so that others can solve problems with your support.
• You balance strong protections with enabling people to do their work, finding ways to improve security without blocking innovation.
• You are authorized to work in the United States without restrictions. Please note that at this time, Everlaw is not sponsoring employment visas for this role.

• You have previous experience with SaaS environments and distributed systems.
• You have programming skills in at least one compiled language (like Java).
• You have experience with AWS, Terraform, Ansible, git, and other infrastructure, development, and operations tools.