The Senior .NET Developer will be working on the Security team with a focus around patching vulnerabilities in .NET, C# and ASP.NET MVC – and will be using SAST (Static Application Security Testing) extensively to accomplish this.
REQUIREMENTS
- 7+ years of experience .NET Development – more senior the better
- Strong ASP.NET MVC experience
- Must have Web Forms experience
- Must have Docker experience
- Must have SOAP and REST based services experience
- Lead Development Experience
- Code Review Experience
- Secure Coding and Secure Testing Experience - THE MORE THE BETTER (examples include but not limited to)
- SAST: Fortify, Checkmarx, Veracode, SonarQube, Coverity
- DAST: OWASP ZAP (Zed Attack Proxy), Burp Suite, Acunetix, IBM AppScan, Nessus
- IAST: Contrast Security, Seeker, Hdiv Security
- SCA Tools: Black Duck, Nexus Lifecycle, WhiteSource
- Pen Testing: Metasploit, Nmap, Wireshark, Kali Linux, OWASP WebGoat
- Vulnerability Scanning: OpenVAS, Qualys, Nexpose, Nessus, Retina
- Code Review: SonarQube, Crucible, Review Board, Phabricator,
- SIEM Tools: Splunk, LogRhythm, QRadar, ArcSight, Graylog
- Fuzzing Tools: American Fuzzy Lop, Peach Fuzzer, Sulley
- Threat Modeling Tools: Microsoft Threat Modeling Tools, OWASP Threat Dragon, ThreatModeler
NICE TO HAVE EXPERIENCE – from most important to least, in this order:
- Experience with ORM tools
- Experience with Kubernetes
- Experience with Azure DevOps
- Experience with AngularJS or ReactJS