Overall Purpose of the Job:
Benchmark Capital's Creative Technologies team build end-to-end solutions for financial advisers and their clients, bringing the power of technology to advice and wealth management.
Our team is looking for a Senior Application Security Developer at different experience levels to join our growing Application Security Developer Team. The team are critical to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analysing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. A security developer is expected to be strong in multiple domains and provide significant contributions to our Security Standards. You will be developing robust and maintainable solutions to complex business problems and applying appropriate technologies while following security engineering best practices. This role will provide career growth opportunities as you gain new security skills in the course of your duties. The core technologies used are:
Key Activities & Responsibilities:
- C#, ASP.NET Web forms, ASP.NET MVC, ASP.NET Core
- HTTP API's, messaging with NServicebus, containers
- SPA technologies such as React, and Blazor
- Typescript and Microsoft web technologies
- SQL Server, Azure Storage, and No SQL
- git, Team City and Octopus
- Azure PaaS and IaaS
- To implement and resolve issues identified, that form the backlog of security vulnerabilities across our applications
- Develop existing and new features to the product suite following the SAFe methodology
- To assist in Code reviews from other teams, with an emphasis on security
- To help drive a shift-left on Security into the development process across the organisation
- Actively helping the team to improve quality and best practices
- To monitor and review security vulnerabilities across the application suite and contribute to their resolution.
- Play a key role in keeping the system and applications up to date with regards to the latest security and identity trends.
- Experience of application security concepts, including but not limited to the latest OWASP Top 10 and common best-practices for mitigating against such attacks.
- Experience of modern authentication and authorization protocols, such as OpenId Connect and OAuth2.0.
- Experience of SAST and DAST tools would be advantageous.
- Working within an Agile methodology (e.g. SCRUM, Kanban)
- An appreciation of the world outside of Development - understanding the pressures and challenges facing key stakeholders across the business
- SOA / Microservices
- NServiceBus (or equivalent)
- SOLID Development
- Entity Framework
- Strong written and presentational skills
- Experience of leading projects within a small group of developers
- 6 years' experience as a Developer
- 3 years' experience of building web applications using ASP.NET web forms, C#, SQL Server
- 2 years' experience of ASP.NET MVC
In return, we can offer:
- A keen interest in application security
- Open and honest
- Strong interpersonal skills - able to work well with others
- Proactive and willing to take on additional responsibilities when there are clear resource gaps
- Outcome focused
- Highly motivated with an attention to detail
- Ability to manage tasks and workload - doing own work whilst supporting others
- Should be adaptable to shifting priorities and changing circumstances
- Should embrace mentoring, and learning from others
- Able to work well with a wide range of colleagues such as other developers, architects, product owners and testers
- Understand and recognise the importance of tackling technical debt, whilst still providing continuous value to the end users and business stakeholders
- A competitive salary with a desirable bonus and benefits package
- A great working environment
- Excellent development opportunities within an expanding business where you can really make an impact
- Many of our staff work flexibly in many different ways, including part-time. Please talk to us at interview about the flexibility you need