Web Developer Security Engineer (.NET)

TL;DR

Web Developer Security Engineer (.NET): Identifying and remediating critical vulnerabilities in web applications and APIs with an accent on threat modeling, secure design patterns, and DevSecOps automation. Focus on driving the vulnerability lifecycle, automating security monitoring, and ensuring compliance with federal cybersecurity frameworks.

Location: Hybrid in Washington, DC

Company

hirify.global is a professional services firm specializing in growth initiatives and technical security solutions for federal frameworks.

What you will do

• Analyze and remediate critical vulnerabilities, logic flaws, and misconfigurations in web applications and APIs.
• Drive the vulnerability lifecycle through threat modeling, security assessments, and technical validation.
• Implement secure design patterns, data protection mechanisms, and secure communication protocols.
• Review web server and application logs to detect anomalies and indicators of compromise.
• Develop automation scripts for threat intelligence integration and application security monitoring.
• Participate in audits, risk assessments, and security authorization activities tied to federal frameworks.

Requirements

• Minimum of 3 years of experience in web application security or secure SDLC.
• Proficiency with .NET, HTML5, CSS3, JavaScript, REST APIs, and SQL.
• Strong understanding of OWASP Top 10, WAFs, and security testing tools.
• Bachelor's degree or higher in Computer Science, Cybersecurity, or a related field.
• Ability to meet US federal screening and suitability requirements.
• Current security certifications (e.g., CSSLP, GWEB, CASE, OSWE, OSCP, Security+, or GSEC) maintained for a minimum of 5 years.

Nice to have

• In-depth experience with federal cybersecurity frameworks and authorization processes.
• Experience with resilient security architecture, cloud security, and container security.