Senior Consultant - Tech Consulting - NAT - CNS - TC - .Net Fullstack with React - Bangalore

Requisition Id : 1595463

Job Title: Full Stack Engineer – .NET Core + React (Security Remediation Team)
_x000D_ Experience - 5+ Years Only

Location: Bangalore
Notice Period: Maximum 10 Days

Job Summary:
_x000D_ As a Full Stack Engineer with expertise in .NET Core and React, you will play a pivotal role in EY's Security Remediation Team. Your primary focus will be on developing secure and scalable web applications, ensuring that robust security practices are integrated throughout the development lifecycle. In this dynamic role, you will enhance code security, ensure compliance with security standards, and implement best practices to safeguard applications against common vulnerabilities.

Key Responsibilities:

• Design and develop secure, enterprise-level web applications utilizing .NET Core and React, while adhering to best practices for code security and secure coding principles.
• Collaborate with cross-functional teams to gather security requirements, design system architecture, and deliver secure software solutions.
• Write clean, maintainable, and secure code in C# and .NET Core, incorporating request sanitization, input validation, and other security controls to mitigate vulnerabilities such as SQL injection, XSS, and CSRF.
• Enhance and remediate existing applications by identifying and addressing security vulnerabilities within the codebase.
• Conduct code reviews to ensure compliance with security standards, applying security testing techniques and maintaining proper documentation.
• Partner with the security team to integrate security best practices throughout the Software Development Life Cycle (SDLC).
• Investigate and implement security tools and techniques (e.g., static and dynamic code analysis, security scanning) to continuously enhance the security posture of applications.
• Test, deploy, and maintain secure applications, ensuring prompt remediation of vulnerabilities through the use of security-focused development tools.
• Develop comprehensive documentation for security processes and decisions, ensuring alignment with internal security guidelines and industry standards.
• Stay informed about emerging security trends, threats, and technologies, and recommend practices and tools to bolster application security.

Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or a related field.
• Proven experience as a Full Stack Developer or in a similar role, with a strong emphasis on secure software development.
• In-depth knowledge of .NET Core and C#, with expertise in Object-Oriented Programming (OOP) concepts.
• Practical experience in React for developing secure front-end interfaces.
• Solid understanding of security concepts such as request sanitization, input validation, and secure coding practices to protect against OWASP Top 10 vulnerabilities.
• Familiarity with secure architecture styles/APIs (e.g., REST, GraphQL, RPC) and security protocols (e.g., OAuth2, JWT).
• Experience with SQL/NoSQL databases, including secure data handling and storage practices.
• Proficient in Git and other version control systems.
• Excellent troubleshooting, debugging, and communication skills, with the ability to articulate security-related issues to both technical and non-technical stakeholders.
• Detail-oriented, with a commitment to writing secure, high-quality code.

Preferred Skills:

• Familiarity with Azure DevOps and CI/CD pipelines, integrating security testing into continuous delivery workflows.
• Knowledge of unit testing frameworks such as NUnit or xUnit, with experience in writing security tests for codebases.
• Familiarity with front-end build pipelines and tools for securing client-side code.
• Knowledge of security testing tools like OWASP ZAP, SonarQube, Mend, CheckMarx, or other static/dynamic analysis tools.

Why EY?
_x000D_ At EY, we are committed to building a secure digital future. As a member of our Security Remediation Team, you will have the opportunity to leverage your Full Stack Development expertise in a security-focused environment, collaborating with security professionals to enhance the integrity and resilience of enterprise applications. You will also have access to growth and development opportunities within a global organization.