Senior Dotnet Developer

Actively Reviewing the Applications

Zbyte Technologies

On-site

Posted 2 months ago • Apply by April 29, 2026

Job Description

We are looking for a skilled Senior. NET Developer with strong experience in secure application development, vulnerability assessment, and remediation practices. The ideal candidate should be proficient in the. NET ecosystem (C#, ASP. NET, NET Core) and have hands-on experience in implementing secure coding standards, identifying security flaws, and integrating DevSecOps practices into the development lifecycle.

Responsibilities

Design, develop, and maintain secure web applications using ASP. NET MVC /. NET Core / Web API.
Perform secure code reviews, vulnerability analysis, and penetration testing support during development.
Collaborate with security and DevOps teams to identify and fix vulnerabilities across the SDLC.
Implement and enforce OWASP Top 10 and SANS security standards in all development activities.
Work with tools like SonarQube, Fortify, Checkmarx, Veracode, Burp Suite, or OWASP ZAP for code and application scanning.
Ensure compliance with security policies, data privacy, and regulatory requirements (e. g., GDPR, ISO 27001).
Support incident response teams by analysing and resolving reported vulnerabilities.
Participate in threat modelling, risk assessment, and security design reviews.
Develop and maintain automated CI/CD pipelines with integrated security scans.
Mentor junior developers in secure coding practices and contribute to internal security knowledge sharing.

Requirements

Strong proficiency in C#, ASP. NET Core, Web API, LINQ, Entity Framework, SQL Server.
Hands-on experience with security testing tools (e. g., SonarQube, OWASP ZAP, Burp Suite, Fortify, Checkmarx).
Deep understanding of web application vulnerabilities (XSS, SQL Injection, CSRF, Authentication and Authorisation flaws, etc. ).
Experience implementing OAuth2 OpenID Connect, JWT, and IdentityServer.
Knowledge of SSL/TLS, HTTPS, encryption/decryption, and certificate management.
Experience in DevOps/DevSecOps practices using Azure DevOps, Jenkins, GitHub Actions, or similar.
Familiarity with container security (Docker, Kubernetes) and cloud security (Azure/AWS).
Understanding of API security and secure RESTful service design.
Certifications such as CEH, CSSLP, AZ-500 or similar are a plus.
Experience with microservices architecture and zero-trust security models.
Exposure to threat modelling frameworks (STRIDE, DREAD).
Awareness of compliance standards (PCI-DSS, SOC, and 2 NIST).
Strong problem-solving and analytical skills.
Excellent communication and documentation abilities.
Ability to work independently and as part of a cross-functional team.
Continuous learning mindset towards modern security and development trends.

This job was posted by Sam Ray from Zbyte Technologies.