Job Descriptions:
Specific hands-on technical experience with the following tools (specifically selecting them, integrating them into a CI/CD pipeline and writing/configuring custom queries):
- Checkmarx, Fortify, GHAS - CodeQL
- BlackDuck, Prisma, CycloneDX, JFrog Xray, GHAS - Secrets, GHAS - Dependabot
- Invicti Netsparker, WebInspect, AppScan, BurpSuite, ZAP
We need very deep security software engineering skills.
- Act as an advisor to leadership to develop or influence applications, network, information security, database, operating systems, or web technologies for highly complex business and technical needs across multiple groups.
- Lead the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas or the enterprise, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, advanced analytical and inductive thinking.
- Translate advanced technology experience, an in-depth knowledge of the organization's tactical and strategic business objectives, the enterprise technological environment, the organization structure, and strategic technological opportunities and requirements into technical engineering solutions.
- Provide vision, direction and expertise to leadership on implementing innovative and significant business solutions.
- Maintain knowledge of industry best practices and new technologies and recommend innovations that enhance operations or provide a competitive advantage to the organization.
- Strategically engage with all levels of professionals and managers across the enterprise and serve as an expert advisor to leadership.
Required Qualifications:
- 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
- 3+ years of Cloud experience (GCP, Azure, AWS)
- Ability to travel up to 10% of the time
- 5+ years of development experience in more than one language
- 3+ years of experience with secure DevOps and deployment automation to cloud environments
- 3+ years of CI/CD integration experience
- 2+ years of ServiceNow experience
- Demonstrated experience in Penetration Testing
- Demonstrated experience in determining root cause analysis for actionable SDLC security updates
- Dynamic Analysis Security Testing (DAST) experience
- Knowledge of Kubernetes Containerization Strategy
- Static Analysis Security Testing (SAST) experience (Checkmarx, Fortify, Semgrep, manual code review, etc.)
- Recent Java or C# & .NET Core development experience including the development of RESTful APIs
- Experience with SDLC and Agile methodologies
- Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices.