Principal Application Security Engineer

at Diligent
🇮🇳 India - Remote
🔒 Cybersecurity🟡 Principal

Job description

About Us

Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and 700,000 board members to clarify risk and elevate governance. The Diligent One Platform gives practitioners, the C-Suite and the board a consolidated view of their entire GRC practice so they can more effectively manage risk, build greater resilience and make better decisions, faster.

At Diligent, we’re building the future with people who think boldly and move fast.  Whether you’re designing systems that leverage large language models or part of a team reimaging workflows with AI, you’ll help us unlock entirely new ways of working and thinking.  Curiosity is in our DNA, we look for individuals willing to ask the big questions and experiment fearlessly - those who embrace change not as a challenge, but as an opportunity.  The future belongs to those who keep learning, and we are building it together.  At Diligent, you’re not just building the future - you’re an agent of positive change, joining a global community on a mission to make an impact.

Learn more at diligent.com or follow us on LinkedIn and Facebook

The Principal Application Security Engineer will be a key member of the Security group at Diligent, working in close partnership with Software Development, Site Reliability Engineering, and Product Management. This individual will serve as the technical leader and subject matter expert, driving the Application Security program with a primary focus on Vulnerability Management for Diligent’s Board management and GRC platform. The Application Security team’s mission is to support secure software development by defining and enforcing best practices, maintaining security tools and processes, and ensuring vulnerabilities are identified, prioritized, and remediated according to company standards. The ideal candidate will have a strong background in software development, security engineering, or DevOps, coupled with deep security expertise and a demonstrated ability to influence and lead in dynamic global environments.

Key Responsibilities

  • Design, implement, and lead the Vulnerability Management program, ensuring vulnerabilities (across infrastructure and applications) are continuously identified, risk assessed, and remediated in alignment with Diligent’s Vulnerability Management Standard and timelines.
  • Provide technical leadership and mentorship to application security engineers and other stakeholders involved in secure software development.
  • Drive collaboration with Engineering to ensure timely application of security patches and mitigation of vulnerabilities, including clear escalation paths, exception management, and compliance reporting.
  • Influence engineering practices and culture by developing and advocating secure coding standards, response runbooks, and risk-based remediation guidance.
  • Serve as a primary escalation point for complex vulnerability management issues and customer or audit inquiries related to application security.
  • Participate actively in risk evaluation, prioritization, remediation planning, and exception handling processes for high-risk vulnerabilities.
  • Liaising with cross-functional partners to strengthen overall security posture.

Required Experience and Skills

  • Bachelor’s degree in Computer Science or related discipline
  • Minimum 10 years of professional experience in application design, development, and security for web and mobile applications.
  • Excellent knowledge of security concepts related to Internet technologies, architectures, and protocols, as well as application software security concepts. This includes extensive experience in mitigating vulnerabilities
  • Deep understanding of vulnerability management frameworks and security best practices (e.g., asset inventory, vulnerability assessment and scanning, patch management, risk/timeline evaluation, remediation, and exception handling).
  • Proven experience designing, implementing, and refining vulnerability lifecycle processes, including asset inventory management, vulnerability identification, risk validation, prioritization, remediation tracking, verification, and exception handling.
  • Advanced communication skills, with demonstrated ability to coordinate across engineering, operations, risk management, audit, compliance, and executive teams to ensure timely vulnerability remediation and alignment with business objectives.
  • Development experience in one or more of: .NET, Javascript, C#, and/or mobile application frameworks.
  • Professional certification in Application Security or Penetration Testing (e.g., CISSP, CSSLP, GSSP-x, CEH, GPEN, GWAPT, GMOB, Security+).
  • Familiarity with security standards and frameworks relevant to SaaS and cloud (e.g., ISO, NIST, CSA).

Preferred Experience and Skills

  • Demonstrated leadership in application security, including helping set strategic direction, influencing day-to-day practices, assigning technical priorities, and fostering a collaborative, high-performing environment.
  • Experience developing and presenting program metrics, dashboards, and risk reports to both technical and non-technical stakeholders, utilizing tools such as JIRA, ServiceNow, or other workflow management solutions.

What Diligent Offers You

  • Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients
  • We care about our people. Diligent offers a flexible work environment, global days of service, comprehensive health benefits, meeting free days, generous time off policy and wellness programs to name a few
  • We have teams all over the world. We may be headquartered in New York City, but we have office hubs in Washington D.C., Vancouver, London, Galway, Budapest, Munich, Bengaluru, Singapore, and Sydney.
  • Diversity is important to us. Growing, maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team, facilitate dialogue, and foster understanding.

Diligent created the modern governance movement. Our world-changing idea is to empower leaders with the technology, insights and connections they need to drive greater impact and accountability – to lead with purpose. Our employees are passionate, smart, and creative people who not only want to help build the software company of the future, but who want to make the world a more sustainable, equitable and better place.

Headquartered in New York, Diligent has offices in Washington D.C.,  London, Galway, Budapest, Vancouver, Bengaluru, Munich, Singapore and Sydney.   To foster strong collaboration and connection, this role will follow a hybrid work model. If you are within a commuting distance to one of our Diligent office locations, you will be expected to work onsite at least 50% of the time. We believe that in-person engagement helps drive innovation, teamwork, and a strong sense of community.

We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race, color, religious creed, sex, national origin, ancestry, citizenship status, pregnancy, childbirth, physical disability, mental disability, age, military status, protected veteran status, marital status, registered domestic partner or civil union status, gender (including sex stereotyping and gender identity or expression), medical condition (including, but not limited to, cancer related or HIV/AIDS related), genetic information, or sexual orientation in accordance with applicable federal, state and local laws. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also Diligent’s EEO Policy and Know Your Rights. We are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at [email protected].

To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.

Share this job:
Please let Diligent know you found this job on Remote First Jobs 🙏

Similar Remote Jobs

Diligent logo

Diligent

  • 16 remote jobs

Latest Jobs at Diligent

Benefits of using Remote First Jobs

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

Advanced Filters

Filter by category, benefits, seniority, and more.

Priority Job Alerts

Get timely alerts for new job openings every day.

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

Search remote, work from home, 100% online jobs

We help you connect with top remote-first companies.

Search jobs

Hiring remote talent? Post a job

Frequently Asked Questions

What makes Remote First Jobs different from other job boards?

Unlike other job boards that only show jobs from companies that pay to post, we actively scan over 20,000 companies to find remote positions. This means you get access to thousands more jobs, including ones from companies that don't typically post on traditional job boards. Our platform is dedicated to fully remote positions, focusing on companies that have adopted remote work as their standard practice.

How often are new jobs added?

New jobs are constantly being added as our system checks company websites every day. We process thousands of jobs daily to ensure you have access to the most up-to-date remote job listings. Our algorithms scan over 20,000 different sources daily, adding jobs to the board the moment they appear.

Can I trust the job listings on Remote First Jobs?

Yes! We verify all job listings and companies to ensure they're legitimate. Our system automatically filters out spam, junk, and fake jobs to ensure you only see real remote opportunities.

Can I suggest companies to be added to your search?

Yes! We're always looking to expand our listings and appreciate suggestions from our community. If you know of companies offering remote positions that should be included in our search, please let us know. We actively work to increase our coverage of remote job opportunities.

How do I apply for jobs?

When you find a job you're interested in, simply click the 'Apply Now' button on the job listing. This will take you directly to the company's application page. We kindly ask you to mention that you found the position through Remote First Jobs when applying, as it helps us grow and improve our service 🙏

Apply