Application Security Engineer
Budapest, Hungary
Applications have closed
Diligent Corporation
Diligent, a modern governance company, is the only comprehensive governance software provider featuring tools to improve and simplify modern day governance.About Us
Diligent is the leading governance, risk and compliance (GRC) SaaS company, serving 1 million users from over 25,000 organizations around the world. Our software enables holistic and informed conversations about GRC and ESG to ensure CEOs, CFOs and the board have an integrated view of audit, risk, information security, ethics and compliance from across the organization.
Position Overview
The Application Security Engineer will be a member of the Security group and will work closely with Product Design, Software Development, and Production Operations. The Application Security team at Diligent is primarily responsible with overseeing secure development, creating best practices and processes for the technology organization, and maintaining security tools and procedures. This position will primarily focus on the Diligent Entities and Diligent Analytics platform.
Candidates will be working primarily with a development team located in Eastern Europe. They will be providing implementation on security best practices on architectural design, account security (2FA and Identity Management), anti-tamper technologies, secret management, and continuous integration/continuous deployment.
The ideal candidate will come from a development lead, security engineer, or DevOps background with a strong passion and interest in security. This person should be self-motivated, enjoy security work, and thrive working in a global, dynamic, growing company environment.
Key Responsibilities
- Own vulnerability management and mitigation approaches with product teams
- Perform threat modeling, secure feature and architecture assessments, security-critical code reviews, and application security testing
- Document security feature implementations
- Contribute to security policy, standards, and guidelines related to application security
- Research emerging technologies and maintain awareness of current security risks
- Define, implement, and monitor security measures in Diligent Core products
Required Experience/Skills:
- Degree in Computer Science preferably with emphasis on Information Security
- 5+ years of professional work experience in application design and development, 2+ years in application security architecture and design for web and mobile applications
- Knowledge of security concepts for Internet technologies, architectures, and protocols
- Knowledge of application software security concepts
- Experience with mitigating OWASP Top Ten and CWE/SANS Top 25 vulnerabilities
- Experience with a combination of .NET, AngularJS, C#, and/or mobile frameworks
- Experience with project management tools (JIRA)
- Experience with code analysis and penetration testing tools
- Excellent verbal and written communication skills
- Relevant certification in Application Security or Penetration testing (CISSP, CSSLP, GSSP-x, CEH, GPEN, GWAPT, GMOB, Security+)
- Awareness of security standards and frameworks relevant to the SaaS industry (e.g. ISO, NIST, CSA)
Preferred Experience/Skills:
- Experience in the CI/CD build systems and best practices, especially Jenkins
- Experience building and reviewing node packages and other third-party dependencies
- Experience with secret and key management systems, such as Vault
- Experience with Docker, Kubernetes, and Rancher
What Diligent Offers You
- Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients
- We care about our people. Diligent offers a flexible work environment, competitive vacation policy and meeting-free days across the company. We care about our team’s health and wellness and even offer a quarterly health club reimbursement!
- We have teams all over the world. We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, and Sydney.
- Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding.
Diligent created the modern governance movement. Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability – to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place.
Headquartered in New York, Diligent has offices in Washington D.C., London, Galway, Budapest, Vancouver, Bengaluru, Munich, and Sydney.
We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligent's EEO Policy and EEO is the Law. We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at recruitment@diligent.com.
To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Application security C CEH CI/CD CISSP Code analysis Compliance Computer Science DevOps Docker GMOB Governance GPEN GWAPT Jira Kubernetes NIST OWASP Pentesting SaaS SANS Vulnerabilities Vulnerability management
Perks/benefits: Career development Flex hours Flex vacation Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs