Senior Security Application Developer

This is a fully remote position, open to applicants in Arizona, +15 more states.

📋 Description

• Supervise and improve the effectiveness of our software development and deployment methodologies.

• Ensure smooth integration and continuous delivery of software solutions.

• Incorporate security into the Software Development Life Cycle (SDLC), facilitating secure-by-design applications, while expanding AppSec practices across engineering teams.

• Collaborate closely with internal software developers, IT professionals, and other stakeholders to optimize workflows.

• Automate processes and adopt best practices in configuration management, infrastructure as code, and monitoring.

• Manage resources, set strategic objectives, and drive innovation to support scalable and secure software solutions.

• Design, develop, and maintain secure application components, frameworks, and tools (SAST, DAST, custom scanners, CI/CD integrations).

• Conduct threat modeling, architecture reviews, and provide secure design guidance for web, API, cloud, and microservice-based systems.

• Identify, triage, and resolve vulnerabilities through code reviews, automated testing, and manual analysis.

• Collaborate with all development teams to integrate security controls into CI/CD pipelines and development workflows.

• Establish and advocate for secure coding standards and best practices aligned with OWASP Top 10 and contemporary AppSec frameworks.

• Lead efforts in vulnerability remediation guidance and directly contribute to addressing security issues in core codebases.

• Assist in incident response activities, including application-level root cause analysis and corrective measures.

• Enhance developer security awareness through coaching, documentation, and internal security advocacy.

• Train and mentor application developers on security and design principles.

• Collaborate closely with the Application Development Manager concerning project resource allocation and utilization.

• Develop and maintain documentation and testing methodologies for secure coding standards.

• Manage and sustain the infrastructure necessary for development and production environments, ensuring scalability, reliability, and security.

• Work with IT and other departments to align infrastructure requirements with organizational objectives.

• Act as a liaison between development, operations, and other departments to ensure alignment and effective communication.

• Ensure that security best practices are embedded in the development and deployment processes.

• Stay informed about the latest trends and technologies in DevOps and software development.

• Lead continuous improvement initiatives to foster a strong DevOps security culture and best practices within the organization.

• Participate in code reviews to ensure compliance with standards and specifications.

• Perform other duties as assigned.

⛳️ Requirements

• Bachelor’s degree with major coursework in Computer Science or Information Systems; or a combination of education and relevant work experience is required.

• Trade training is preferred; a minimum of 5 years of relevant experience is required, ideally in a professional services environment.

• Proven experience in building applications on the .Net platform within a hosted Web/SaaS context.

• In-depth knowledge of secure coding practices (input validation, authentication/authorization, secrets management, error handling).

• Experience addressing vulnerabilities such as SQL injection, XSS, IDOR, SSRF, authentication bypass, and insecure deserialization (OWASP Top 10).

• Practical experience utilizing SAST, DAST, SCA, and IAST tools, with the ability to interpret results beyond mere tool output.

• Solid security knowledge of Azure application services (IAM, managed identities, app gateways).

• Familiarity with secure build pipelines, dependency scanning, artifact signing, and secrets detection.

• Proven track record of embedding security into CI/CD pipelines (GitHub Actions, Azure DevOps, GitLab CI, etc.).

• Excellent working knowledge of Application Development using Microsoft .Net Framework, .Net Core, C#, React or Angular, and SQL Server.

• Ability to develop and implement SQL scripts, Stored Procedures, and ETL processes.

• Experience with Web Services, XML, SOA, REST, JSON.

• Proficient in ASP.NET MVC.

• Knowledge of secure API design (OAuth2/OIDC, JWT, scopes, mTLS, rate limiting).

• Strong understanding of REST API creation and consumption.

• Experience in Full Stack Development.

• Comprehensive understanding of application life cycles and client/server architectures in an enterprise setting.

• Excellent troubleshooting abilities and root cause analysis skills.

• Familiarity with Entity Framework Code First and Unit Testing.

• Experience with Microsoft Azure Web Apps, Function Apps, API Apps, and Logic Apps.

🏝️ Benefits

• Medical and dental coverage.

• Life insurance.

• Short-term and long-term disability insurance.

• Pre-tax flexible spending account for certain medical and dependent care expenses.

• Employee assistance program.

• Paid Time Off.

• Paid holidays.

• Participation in a retirement plan program after meeting eligibility requirements.

• And more.