Listing Description
Position Overview
The Application Security Engineer will be a member of the Security group and will work closely with Product Design, Software Development, and Production Operations. The Application Security team at Diligent is primarily responsible with overseeing secure development, creating best practices and processes for the technology organization, and maintaining security tools and procedures.
They will be providing implementation on security best practices on architectural design, pulbic cloud security (Amazon Web Services), account security (2FA and Identity Management), anti-tamper technologies, secret management, and continuous integration/continuous deployment.
The ideal candidate will come from a development, security engineer, or DevOps background with a strong passion and interest in security. This person should be self-motivated, enjoy security work, and thrive working in a global, dynamic, growing company environment.
Key Responsibilities
Own vulnerability management and mitigation approaches with product teams
Perform threat modeling, secure feature and architecture assessments, security-critical code reviews, and application security testing
Document security feature implementations
Contribute to security policy, standards, and guidelines related to application security
Research emerging technologies and maintain awareness of current security risks
Define, implement, and monitor security measures in Diligent Core products
Experience/Skills:
3+ years of experience in Application Security or Application Development
Knowledge of security concepts for Internet technologies, architectures, and protocols
Excellent understanding of OWASP Top Ten and CWE/SANS Top 25 vulnerabilities and mitigations
Experience with threat modeling
Experience with code analysis and/or penetration testing tools
Understanding of CI/CD pipelines
Experience with container technologies
Experience with automation
Understanding of security standards (e.g. NIST) and compliance needs (e.g. SOC2)
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided