Senior Consultant - Tech Consulting - NAT - CNS - TC - .Net Fullstack with Angular - Bangalore

Requisition Id : 1595462

Job Title: Full Stack Engineer – .NET Core + Angular (Security Remediation Team)

Experience - 5+ Years
Location: Bangalore
Notice Period: 10 Days (maximum)

Job Summary:
_x000D_ As a Full Stack Engineer with expertise in .NET Core and Angular, you will play a vital role in EY's Security Remediation Team. Your primary focus will be on developing secure and scalable web applications, embedding robust security practices throughout the development lifecycle. In this dynamic environment, you will enhance code security, ensure compliance with security standards, and implement best practices to safeguard applications against common vulnerabilities.

Key Responsibilities:

• Design and develop secure, enterprise-level web applications utilizing .NET Core and Angular, following best practices for code security and secure coding principles.
• Collaborate with cross-functional teams to gather security requirements, design system architecture, and deliver secure software solutions.
• Write clean, maintainable, and secure code in C# and .NET Core, incorporating request sanitization, input validation, and other security controls to mitigate vulnerabilities such as SQL injection, XSS, and CSRF.
• Enhance and remediate existing applications by identifying and addressing security vulnerabilities within the codebase.
• Conduct code reviews to ensure adherence to security standards, applying security testing techniques and maintaining proper documentation.
• Work closely with the security team to integrate security best practices throughout the Software Development Life Cycle (SDLC).
• Investigate and implement security tools and techniques (e.g., static and dynamic code analysis, security scanning) to continuously enhance the security posture of applications.
• Test, deploy, and maintain secure applications, ensuring timely remediation of vulnerabilities through the use of security-focused development tools.
• Develop documentation for security processes and decisions, ensuring compliance with internal security guidelines and industry standards.
• Stay informed about emerging security trends, threats, and technologies, and recommend practices and tools to strengthen application security.

Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or a related field.
• Proven experience as a Full Stack Developer or in a similar role, with a focus on secure software development.
• Strong knowledge of .NET Core and C#, with expertise in Object-Oriented Programming (OOP) concepts.
• Practical experience in Angular for developing secure front-end interfaces.
• Solid understanding of security concepts such as request sanitization, input validation, and secure coding practices to protect against OWASP Top 10 vulnerabilities.
• Familiarity with secure architecture styles/APIs (e.g., REST, GraphQL, RPC) and security protocols (e.g., OAuth2, JWT).
• Experience with SQL/NoSQL databases, including secure data handling and storage practices.
• Proficient in Git and other version control tools.
• Excellent troubleshooting, debugging, and communication skills, with the ability to convey security-related issues to both technical and non-technical stakeholders.
• Detail-oriented, with a commitment to writing secure, high-quality code.

Preferred Skills:

• Familiarity with Azure DevOps and CI/CD pipelines, integrating security testing into continuous delivery workflows.
• Knowledge of unit testing frameworks such as NUnit or xUnit, with experience in writing security tests for codebases.
• Familiarity with front-end build pipelines and tools for securing client-side code.
• Knowledge of security testing tools like OWASP ZAP, SonarQube, Mend, CheckMarx, or other static/dynamic analysis tools.

Why EY?
_x000D_ At EY, we are committed to building a secure digital future. As a member of our Security Remediation Team, you will have the opportunity to leverage your Full Stack Development expertise in a security-focused environment, collaborating with security professionals to enhance the integrity and resilience of enterprise applications. You will also have access to growth and development opportunities within a global organization.