Gather, Analyze, and Document Requirements: Collaborate with business users and stakeholders to gather and finalize functional and technical requirements for web applications. Ensure requirements align with business objectives, operational needs, and security standards. Analyze and interpret static (SAST) and dynamic (DAST) security scan results, documenting remediation requirements for identified vulnerabilities. Implement secure data handling practices to prevent data leakage and comply with data protection regulations. Translate business requirements into clear technical deliverables by engaging with cross-functional teams.
Solution Strategy and Development: Design, develop, and maintain secure web applications using .NET technologies, including ASP.NET, .NET Core, and .NET Framework. Apply secure coding practices to mitigate vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). Develop and integrate secure APIs for external data sources, ensuring safe and efficient data exchange. Ensure application architecture aligns with security best practices and organizational strategies. Maintain a robust, secure codebase that meets performance and security guidelines.
Vulnerability Remediation and Code Optimization: Monitor and promptly remediate vulnerabilities detected through static and dynamic security scans. Apply secure coding standards to address common security threats, including SQL injection, XSS, and CSRF. Optimize application code to ensure system performance is unaffected by security patches. Collaborate with DevOps and QA teams to automate vulnerability scans and remediation processes. Stay informed about emerging threats and technologies to proactively enhance application security.
Validation: Conduct comprehensive validation of remediation efforts to ensure all vulnerabilities are resolved. Develop and execute unit, integration, and system tests to validate application security and functionality. Perform code reviews for alignment with security best practices, obtaining necessary signoffs from security teams. Document testing processes, logic changes, and results to ensure transparency and traceability. Assess potential application impacts from changes and conduct regression testing to ensure stability.
Release Support and Continuous Improvement: Collaborate with global teams to ensure secure and efficient application deployments. Address post-release security and performance issues promptly. Monitor application performance and security post-deployment to identify and resolve emerging issues. Implement process improvements based on feedback and identify opportunities for optimizing development and security practices. Participate in post-release reviews to continuously enhance application security and functionality.
Qualifications:
Proven experience in web application development using .NET technologies (ASP.NET, .NET Core, and .NET Framework).
Strong understanding of secure coding practices and vulnerability remediation techniques.
Familiarity with static (SAST) and dynamic (DAST) security scan tools and processes.
Knowledge of common security threats such as SQL injection, XSS, and CSRF, and methods to mitigate them.
Proficiency in developing and validating APIs and web applications with a focus on security.
Experience collaborating with cross-functional teams, including DevOps, QA, and security teams
Preferred Skills:
Experience with application architecture and designing secure solutions.
Familiarity with automated vulnerability scanning and security validation tools.
Understanding of data protection regulations and secure data handling practices.
Strong analytical, documentation, and communication skills.
How to Apply
Interested candidates can share their profiles at hr@arthatech.ai along with job details.
