Senior Security Application Developer

About The Position

Requirements

• Bachelor’s degree with major coursework in Computer Science or Information Systems; or combination of education and commensurate work experience required.
• Trade Training preferred; 5 years’ relevant experience required, preferably in professional services setting.
• Experience building applications on the .Net platform in a hosted Web/SaaS environment
• Deep understanding of secure coding practices (input validation, authentication/authorization, secrets handling, error handling
• Experience fixing vulnerabilities such as SQLi, XSS, IDOR, SSRF, auth bypass, and insecure deserialization (OWASP Top 10)
• Hands-on use of SAST, DAST, SCA, IAST tools and interpreting results beyond “tool output”
• Practical security knowledge of Azure application services (IAM, managed identities, app gateways)
• Experience with secure build pipelines, dependency scanning, artifact signing, and secrets detection
• Embedding security into CI/CD pipelines (GitHub Actions, Azure DevOps, GitLab CI, etc.)
• Excellent working knowledge of Application Development using Microsoft .Net Framework, .Net Core, C#, React or Angular and SQL Server
• Develop and implement SQL scripts, Stored Procedures and ETL processes
• Web Services, XML, SOA, REST, JSON
• ASP.NET MVC
• Secure API design (OAuth2/OIDC, JWT, scopes, mTLS, rate limiting)
• Sound knowledge of Rest API creation and consumption
• Full Stack Development experience
• Sound understanding of application life cycles and client/server architectures in an enterprise environment
• Excellent troubleshooting skills and root cause analysis
• Experience with Entity Framework Code First and Unit Testing
• Experience with Microsoft Azure Web Apps, Function Apps, Api Apps and Logic Apps

Responsibilities

• Design, develop, and maintain secure application components, frameworks, and tooling (SAST, DAST, custom scanners, CI/CD integrations).
• Perform threat modeling, architecture reviews, and secure design guidance for web, API, cloud, and microservice-based systems.
• Identify, triage, and remediate vulnerabilities through code reviews, automated testing, and manual analysis.
• Partner with all development teams to embed security controls into CI/CD pipelines and development workflows.
• Establish and promote secure coding standards and best practices aligned with OWASP Top 10 and modern AppSec frameworks.
• Lead vulnerability remediation guidance and contribute directly to fixing security issues in core codebases.
• Support incident response activities, including application-level root cause analysis and corrective actions.
• Elevate developer security awareness through coaching, documentation, and internal security evangelism.
• Training and mentoring application developers in security and design principles.
• Working closely with the Application Development Manager on project resourcing and utilization.
• Develops and maintains documentation and testing methodologies for secure coding standards.
• Manage and maintain the infrastructure required for development and production environments, ensuring scalability, reliability, and security.
• Collaborate with IT and other departments to align infrastructure needs with organizational goals.
• Serve as a liaison between development, operations, and other departments to ensure alignment and effective communication.
• Ensure that security best practices are integrated into the development and deployment processes.
• Stay updated with the latest trends and technologies in DevOps and software development.
• Drive continuous improvement initiatives to enhance the DevOps security culture and best practices within the organization.
• Participate in code reviews to represent reviewed work for adherence to standards and specifications.
• Other duties as assigned.

Benefits

• medical and dental coverage
• life insurance
• short-term and long-term disability insurance
• pre-tax flexible spending account for certain medical and dependent care expenses
• an employee assistance program
• Paid Time Off
• paid holidays
• participation in a retirement plan program after meeting eligibility requirements