.NET Core Developer
Location: Charlotte NC, Chandler AZ, Westlake TX
Duration: 6+ Months on site Required
Role Type: W2 contract engagement
Required Qualifications:
* 5+ years of Application Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
* 5+ years of experience troubleshooting in complex technical environments
* 2+ years of experience implementing technical solutions in a large enterprise (150K+ employees)
* 2+ years of experience with scripting tools such as Bash, Python and PowerShell
* 1+ year of experience writing SQL queries
* 1+ year of experience building/managing MS SQL and/or Oracle databases, including data feeds and ETL
Desired Qualifications:
*
* Expert understanding of the most common application security risks (OWASP Top 10, SANS/CWE Top 25)
* Experience in developing applications in Java, .NET (preferred), C#, JavaScript, Python, or other modern OOP languages
* Experience managing automated application security testing tools, including Static and Dynamic Application Security Testing (SAST/DAST) and Software Composition Analysis (SCA)
* Provide strategic and tactical security guidance for secure application development, including the evaluation and recommendation of technical controls
* Experience integrating application security tools into the CI/CD pipeline
* DevSecOps experience
* Recommended application security certifications (one or more): OSCP/ OSEP/OSWE, CEH/LPT, CPT/CEPT, CASS, CASE, CMWAPT, CRTOP, GIAC GEVA/GPEN/GWAPT/GCPN/GXPN/GMOB/GDAT
* Experience with integrating application security tools into Enterprise vulnerability management systems (e.g., ServiceNow)
* Thoroughly understand secure application design principals, including the areas of authentication, authorization/least privilege, logging, encryption, data masking, data retention, and secure data transmission
* Assist in the development and management of security policies, standards, procedures, and guidelines
* Design, document, plan, coordinate, and implement complex information security solutions
* Strong technical and business writing skills, plus the ability to effectively explain plans and solutions verbally to both technology and business units