Principal Engineer, Application Security
- Cvent
- 12 - 15 years
- Noida, Gurugram
- 2 months ago
- Email to a friend
- Report this job
Job Description
- You are a highly experienced and visionary security professional with deep expertise in application security, architecture, and secure software development
- you're not only a strategist and a technical authority, but also someone who remains hands-on when it matters
- You thrive on solving large-scale security problems, designing resilient security architectures, and enabling engineering teams to ship secure products without friction
- You lead with influence, partner with engineering and product leaders, and drive scalable security solutions across an enterprise
- You also play a pivotal role in Cvent s Application Security Research & Engineering (ASRE) program guiding the development of internal tooling, automation, and innovative approaches to secure software at scale
In This Role, You Will:
- Design and own secure application architectures across Cvent s product landscape, including SaaS platforms, mobile apps, APIs, and cloud-native services
- Define and evolve application security strategy, driving initiatives that align with Cvent s product roadmap and risk posture
- Lead architecture reviews, threat modeling sessions, and risk assessments for high-impact products and features, including those involving AI/ML pipelines
- Engineer and advocate scalable security solutions, from reusable libraries and security design patterns to tooling integrations within the SDLC
- Build and maintain relationships with engineering leaders, product managers, and infrastructure teams to champion security-by-design principles
- Partner with ASRE to define and drive automation projects, internal tool development, and scalable controls for vulnerability discovery and remediation
- Serve as the security technical authority during escalations, post-incident reviews, customer audits, and design sprints
- Provide technical leadership to the broader AppSec team, mentoring Senior and Lead engineers and participating in hiring and capability building
- Evaluate and introduce new technologies, standards, or frameworks to improve application security and developer experience
Heres What You Need:
- 12+ years of experience in information security, with a strong focus on application security, architecture design, and secure development practices
- Deep understanding of secure software development lifecycles (SDLC), secure design principles, and modern threat landscapes (including AI/ML risks, supply chain, cloud-native, and microservices)
- Proven ability to architect secure solutions across multi-tenant SaaS platforms, microservices, and API-driven ecosystems
- Expertise in performing and leading threat modeling, code reviews, and architecture risk assessments
- Strong coding and scripting skills (eg, Python, Java, JavaScript, TypeScript, etc); ability to prototype tools or support ASRE initiatives directly
- Hands-on experience with security tools and platforms (eg, SAST, DAST, IAST, SCA, container scanning, IaC analysis)
- Familiarity with cloud security and native controls (AWS/GCP/Azure), DevSecOps pipelines, and IaC tools like Terraform
- Excellent communication skills with a proven ability to influence both technical and executive stakeholders
- Strong grasp of regulatory frameworks and standards such as ISO 27001, SOC 2, PCI, OWASP, NIST 800-53/218, and AI RMF
- Bonus If You Have: Experience building security frameworks or reference architectures adopted across multiple product teams
- Research contributions to ASRE-style initiatives, open-source tooling, or internal platform development
- Knowledge of emerging AI security threats (adversarial ML, model poisoning, privacy leakage, etc)
- Certifications such as AWS Certified Solutions Architect Associate/Professional, CSSLP, OSWE, GCPN, CISSP, SABSA, or SANS/GIAC Architect-level certification
Why you'll Love This Role:
- you'll define and influence the security architecture of platforms used by thousands of customers worldwide
- you'll work on high-impact initiatives with the authority to shape how security is done not just today, but for the long term
- you'll help grow and mentor a world-class AppSec team while staying close to the technology you love
- you'll drive an engineering-led security culture alongside leadership that supports security investment, research, and innovation
Job Classification
Industry: IT Services & ConsultingFunctional Area / Department: Engineering - Software & QARole Category: Software DevelopmentRole: Technical ArchitectEmployement Type: Full timeContact Details:
Company: CventLocation(s): Noida, Gurugram+ View Contact
Keyskills: Supply chain Automation Coding Information security SOC Javascript Application security Open source SDLC Python
Fraud Alert to job seekers!
₹ Not Disclosed
Similar positions
Cvent
Cvent, Inc. (www.cvent.com) is the world's leading provider of cloud-based software for meetings and event management. Our platform of products includes software to manage and facilitate online event registration, meeting site selection, event management, e-mail marketing and web surveys. We also ...
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in