This position has a heavy focus on application security. It will include development in the above stack as well as developing guidelines for the rest of the development team with respect to managing the attack vectors noted above. It will also include training and monitoring the rest of the team on implementing proper security controls and measures.
5+ years experience in Microsoft .Net stack web development with a focus on application security Understanding and demonstrative experience addressing vulnerabilities including:
HTTP request smuggling Cross-site request forgery Server-side request forgery XML external entity injection SQL injection Cross-site scripting OS command injection File path traversal Experience with MS-SQL, C#/MVC Razor, JQuery/angular.js, IIS stack development Demonstrated experience with PCI compliant applications Git source control Highly Desirable:
Cyber security certifications such as CEH, CISSP or CompTIA