Diligent Corporation Application Security Engineer in New York, New York
Application Security Engineer
Information Technology
New York, New York
Diligent is the pioneer in modern governance. We empower leaders to turn governance into a competitive advantage through unparalleled insight and highly secure, integrated SaaS applications, helping organizations thrive and endure in today’s complex, global landscape. The largest global network of corporate directors and executives, Diligent is relied on by more than 16,000 organizations and 650,000 leaders in over 90 countries. With award-winning customer service, Diligent serves more than 50% of the Fortune 1000, 70% of the FTSE 100, and 65% of the ASX. Our passionate, smart, and creative group of more than 1,000 employees supports customers around the globe from offices in New York, London, Washington, DC, Amsterdam, Sydney, Christchurch, and Charlotte, NC.
The Application Security Engineer will be a member of the Security group and will work closely with Product Design, Software Development, Production Operations, and other members of the Security group to maintain and enhance the security of our mobile, web, and server software applications. This work involves several technology stacks and platforms.
The ideal candidate will be self-motivated, enjoy security work, and thrive working in a global, dynamic, small company environment.
Collaborate with development teams to prioritize findings and remediations for security issues
Review new software features with product teams and conduct risk analysis
Help design and code application security controls
Perform threat modeling, secure feature and architecture assessments, security-critical code reviews, and penetration testing
Document and verify security feature implementations
Contribute to security policy, standards, and guidelines related to secure application development
Research emerging technologies and maintain awareness of current security risks
Develop test plans for security verification, and assist development teams with security testing methodologies and tools
Bachelor's degree in Cybersecurity, Computer Science, or Information Technology with an emphasis on security
Demonstrated experience with application security architecture and design for web and mobile applications (internships, competitions, research projects, etc.)
Familiarity with security concepts for applications, Internet technologies, architectures, and protocols
Experience with mitigating OWASP Top Ten and CWE/SANS Top 25 vulnerabilities
Experience with code analysis and penetration testing tools
Excellent verbal and written communication skills
Master's degree in Cybersecurity, Computer Science, or Information Technology with an emphasis on security
2+ years of professional work experience with application security architecture and design for web and mobile applications
Relevant certification in application security or penetration testing (CSSLP, GSSP-x, CEH, GPEN, GWAPT, GMOB)
Awareness of security standards and frameworks relevant to the SaaS industry (e.g. ISO, NIST, CSA)
Experience developing threat models and conducting code security reviews
Background in agile development environments/teams
Experience using project management tracking software (e.g. JIRA, Redmine, Git, Kanban)
Experience with software build and deployment pipelines/processes
Ability to type and/or manage laptop or personal computer keyboard for the purpose of internal and external electronic communication.
Ability to see and hear and communicate verbally
Ability to understand, remember and apply oral and/or written instructions or other information
Ability to understand complex problems and to collaborate and explore alternative solutions
Ability to make decisions which have moderate to significant impact on the immediate team and division and stakeholders/colleagues and be able to monitor that impact
FLSA Status: Exempt
Diligent offers a competitive compensation and benefits package, including health, vision, dental, 401k with a strong match, health club reimbursement and much more.
We are a drug-free workplace and an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws.