• This is a .net development position with a specific focus on enhancing/modifying/extending the security posture of various agency applications.
• This position will require 8+ years of very solid .net development experience covering a variety of technologies including, asp.net, c#, WCF services, X509 certificate use for two factor authentication, web
services, framework 2.0 through 4.5, SQL/Oracle development experience (stored procedures, tables, views, etc), experience securing .net applications using best practice methodologies (whitelisting, cross-site
scripting defense, session management, input validation/sanitizing, etc).
• A specific focus on security to include penetration testing of apps and using the code scanning tool HP Fortify.
• One or more (more than one preferred) of the following certifications
• C.A.S.E- certified application security engineer
• CEH-certified ethical hacker, CASS - Certified application security specialist
• CPT-certified penetration tester, GSSP-Secure software programmer (.net)
• GWEB-Web application defender.