Experience Inc. Jobs

Job Information

Diligent Corporation Application Security Engineer in New York, New York

Application Security Engineer

Information TechnologyNew York, New York

Apply

Description

The Company

Diligent is the pioneer in modern governance. We empower leaders to turn governance into a competitive advantage through unparalleled insight and highly secure, integrated SaaS applications, helping organizations thrive and endure in today’s complex, global landscape. The largest global network of corporate directors and executives, Diligent is relied on by more than 16,000 organizations and 650,000 leaders in over 90 countries. With award-winning customer service, Diligent serves more than 50% of the Fortune 1000, 70% of the FTSE 100, and 65% of the ASX. Our passionate, smart, and creative group of more than 1,000 employees support customers around the globe from offices inNew York, London, Washington, DC, Amsterdam, Sydney, Christchurch, and Charlotte, NC.

Position Overview

The Application Security Engineer will be a member of the Security group and will work closely with Product Design, Software Development, Production Operations, and other members of the Security group to maintain and enhance the security of our mobile, web, and server software applications. This work involves several technology stacks and platforms.

The ideal candidate will be self-motivated, enjoy security work, and thrive working in a global, dynamic, small company environment.

Key Responsibilities

  • Collaborate with development teams to prioritize findings and remediations for security issues

  • Review new software features with product teams and conduct risk analysis

  • Help design and code application security controls

  • Perform threat modeling, secure feature and architecture assessments, security-critical code reviews, and penetration testing

  • Document and verify security feature implementations

  • Contribute to security policy, standards, and guidelines related to secure application development

  • Research emerging technologies and maintain awareness of current security risks

  • Develop test plans for security verification, and assist development teams with security testing methodologies and tools

Required Experience/Skills:

  • Bachelors degree in Cybersecurity, Computer Science, or Information Technology with an emphasis on security

  • Demonstrated experience with application security architecture and design for web and mobile applications (internships, competitions, research projects, etc.)

  • Familiarity with security concepts for applications, Internet technologies, architectures, and protocols

  • Experience with mitigating OWASP Top Ten and CWE/SANS Top 25 vulnerabilities

  • Background in software engineering with some combination of: .NET, Java, C++, JavaScript, Objective C, Swift, and Kotlin

  • Experience with code analysis and penetration testing tools

  • Excellent verbal and written communication skills

Preferred Experience/Skills:

  • Masters degree in Cybersecurity, Computer Science, or Information Technology with an emphasis on security

  • 2+ years of professional work experience with application security architecture and design for web and mobile applications

  • Relevant certification in application security or penetration testing (CSSLP, GSSP-x, CEH, GPEN, GWAPT, GMOB)

  • Awareness of security standards and frameworks relevant to the SaaS industry (e.g. ISO, NIST, CSA)

  • Experience developing threat models and conducting code security reviews

  • Background in agile development environments/teams

  • Experience using project management tracking software (e.g. JIRA, Redmine, Git, Kanban)

  • Experience with software build and deployment pipelines/processes

Physical Requirements

  • Ability to type and/or manage laptop or personal computer keyboard for the purpose of internal and external electronic communication.

  • Ability to see and hear and communicate verbally

Mental Requirements

  • Ability to understand, remember and apply oral and/or written instructions or other information

  • Ability to understand complex problems and to collaborate and explore alternative solutions

  • Ability to make decisions which have moderate to significant impact on the immediate team and division and stakeholders/colleagues and be able to monitor that impact

FSLA Status: Exempt

Diligent offers a competitive compensation and benefits package, including health, vision, dental, 401k with a strong match, health club reimbursement and much more.

We are a drug free workplace, and an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws.

DirectEmployers