Desired Skills and Experience
- Take a leadership role in driving internal security and privacy initiatives
- Design core, backend software security components
- Code using primarily .Net, C#, and Classic ASP
- Implement abuse detection and logging systems to surface threats
- Interface with Product Development teams to incorporate their innovations and vice versa
- Conduct design and code reviews
- Performs Mobile Risk Assessments, Vulnerability Assessments, and Penetration Tests.
- Recommends countermeasures and safeguards that would mitigate mobile risk.
- Establish mobile policies and procedures and advise Product Owners as to the most optimum deployment of integrated mobile security solutions.
- Perform investigations for evidence of intrusion or policy violations
- Develops, documents, deploys, reviews and maintains Information Security Policies, Standards, Procedures and Guidelines.
- Designs, produces, and delivers compelling OWASP training content.
- Implements and improves software tools to gather system configuration information and proactively identify vulnerabilities.
- Maintains awareness regarding OWASP and application security trends.
- Extensive knowledge of web technologies with an emphasis on the .NET framework, MVC, and Web API
- Extensive knowledge of Security principles: confidentiality and integrity of data, authentication and authorization, security protocols (HMAC, SSL, JKS, AES, OAuth)
- Extensive knowledge of web application security principles
- Extensive experience building secure large-scale, server applications
- Extensive experience with service-oriented architecture principles to implement tools like WCF
- Expert knowledge of VB, C#, and the .NET Framework
- Experience with operating system internals, programming language design, compilers
- Experience in building authentication or authorization services
- Experience with scalable rules engines
- Experience or bent in thinking about operability, monitoring, performance, testability and scalability while building large-scale systems.
- Experience with designing and implementing secure web based payments systems
- Ability to influence design and architectural decisions.
- B.S. or M.S. in Computer Science or related field, or equivalent experience
- 7+ years working on complex web applications
- Full software development lifecycle experience; must be comfortable working using Agile methodology as well as iterative methodologies.
- Must have prior experience of being a developer of a REST interface
Apply