EY Senior Consultant - Tech Consulting NAT 

India, Karnataka, Bengaluru 

403242876

Requisition Id : 1595463

Full Stack Engineer – .NET Core + React (Security Remediation Team)
Experience - 5+ Years Only

Maximum 10 Days

Key Responsibilities:

• Design and develop secure, enterprise-level web applications utilizing .NET Core and React, while adhering to best practices for code security and secure coding principles.
• Collaborate with cross-functional teams to gather security requirements, design system architecture, and deliver secure software solutions.
• Write clean, maintainable, and secure code in C# and .NET Core, incorporating request sanitization, input validation, and other security controls to mitigate vulnerabilities such as SQL injection, XSS, and CSRF.
• Enhance and remediate existing applications by identifying and addressing security vulnerabilities within the codebase.
• Conduct code reviews to ensure compliance with security standards, applying security testing techniques and maintaining proper documentation.
• Partner with the security team to integrate security best practices throughout the Software Development Life Cycle (SDLC).
• Investigate and implement security tools and techniques (e.g., static and dynamic code analysis, security scanning) to continuously enhance the security posture of applications.
• Test, deploy, and maintain secure applications, ensuring prompt remediation of vulnerabilities through the use of security-focused development tools.
• Develop comprehensive documentation for security processes and decisions, ensuring alignment with internal security guidelines and industry standards.
• Stay informed about emerging security trends, threats, and technologies, and recommend practices and tools to bolster application security.

Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or a related field.
• Proven experience as a Full Stack Developer or in a similar role, with a strong emphasis on secure software development.
• In-depth knowledge of .NET Core and C#, with expertise in Object-Oriented Programming (OOP) concepts.
• Practical experience in React for developing secure front-end interfaces.
• Solid understanding of security concepts such as request sanitization, input validation, and secure coding practices to protect against OWASP Top 10 vulnerabilities.
• Familiarity with secure architecture styles/APIs (e.g., REST, GraphQL, RPC) and security protocols (e.g., OAuth2, JWT).
• Experience with SQL/NoSQL databases, including secure data handling and storage practices.
• Proficient in Git and other version control systems.
• Excellent troubleshooting, debugging, and communication skills, with the ability to articulate security-related issues to both technical and non-technical stakeholders.
• Detail-oriented, with a commitment to writing secure, high-quality code.

Preferred Skills:

• Familiarity with Azure DevOps and CI/CD pipelines, integrating security testing into continuous delivery workflows.
• Knowledge of unit testing frameworks such as NUnit or xUnit, with experience in writing security tests for codebases.
• Familiarity with front-end build pipelines and tools for securing client-side code.
• Knowledge of security testing tools like OWASP ZAP, SonarQube, Mend, CheckMarx, or other static/dynamic analysis tools.