Principal .NET Engineer
A leading IT company is hiring within the engineering group and would like to speak with you! In this role you will analyze existing vulnerabilities and potential security risks and recommend improvements that would preempt security issues by application and system design. This is a coding role, first and foremost. While analysis is at the core of the position, working deeply within the .NET framework is what this role is all about. ** Security background a major plus, but we have an open mind on this one and are willing to make this a "nice to have".
The successful candidate will work with various technical and business organizations throughout the enterprise to extend the application security architecture and software frameworks that address both current and future requirements which facilitate the long-term security roadmap.
While primarily focused on application security, this position frequently dovetails into IT Security and as such requires a broad knowledge base that encompasses all aspects of system, application, and internet security.
· Working with a large .NET code base to lead projects from inception through to completion: technical lead experience essential.
· Analyze existing systems and processes and develop new processes, procedures, and architectures which mitigate risk and protect consumer data in the development of security related functions and frameworks.
· Support IT Security on investigations related to application and system design and/or configuration issues which ultimately leads to new security strategies.
· Specify enterprise-wide security control systems, for applications and infrastructure, and guide their implementation from design through to release.
· Continually improve secure code development, deployment, support and management standards and practices
· Facilitate Product Selection Process - Ensure that proper due diligence is performed in relation to product selection - Emerging Technologies, POC, Pilot, RFP, etc
· Project Risk / Complexity Ranking - rank technology and operations (T&O), and information security risk management projects / initiatives (ISRM).
· Mentor and coach other architects and developers.
· Expert level .NET development skills
· Experience with Cryptography Algorithms and Centralized Key Management Systems
· Experience with Penetration Testing
· Experience with adaptive risk analysis applications
· Bachelor’s Degree or equivalent work experience, preferably in computer science.
· Experience as a security analyst
· Experience managing both large enterprise and small ticket-driven projects.
· Familiarity with C# and .NET framework or Java
· Experience in developing large n-tier mission critical systems, thorough understanding of concurrency and multi-threaded programming.
· Experience with relational databases, such as Oracle and MS SQL Server
· Good interpersonal skills and ability to work with multiple disparate teams
· Analyze technology risks (security, availability, capability, efficiency and integrity) and provide recommendations to enhance the security control procedures.
· Experience in system or network administration with a security focus.
· Understanding of IP addressing and CIDR notation, domain registration and whois, DNS, SMTP, and black lists.
· Understanding of information security concepts and methodology and ability to learn new technologies.
· Knowledge and ability to perform internet-based problem solving.
· Demonstrate and practice strong and effective written and oral communication skills.
· Ability to analyze complex problems and develop creative solutions.
· Ability to effectively manage time and resources in order to serve as a joint asset across organizations.
· Experience with Microsoft Windows Server, Linux, IIS/Apache.