Application Security Developer
Kforce Inc.

RESPONSIBILITIES:

Kforce is looking for an Application Security Developer for an opportunity with a large organization in the Topeka, KS area.Responsibilities:

• Securing APIs: Work with development teams to secure both internal and external APIs using the Azure API Management product
• Maintain and Develop Software: Responsible for maintaining existing security solutions and developing new software solutions for the organization
• Security Design: Partner with development teams to ensure security is integrated into application designs, providing secure design guidance
• Vulnerability Assessment: Code reviews, and penetration tests to identify vulnerabilities such as SQL injection, XSS, CSRF, and others
• Secure Coding Practices: Promote and ensure adherence to secure coding practices by establishing coding standards, offering training, and providing remediation guidance
• Threat Modeling: Develop and maintain threat models to identify potential risks and implement preventive security measures early in the development cycle
• Incident Management & Response: Assist in incident response, investigating security breaches, and providing recommendations for securing applications against similar threats in the future
• Collaboration: Work closely with software developers and DevOps to ensure alignment and execution of security best practices across the entire SDLC
• Compliance & Governance: Ensure that applications meet compliance requirements such as HIPAA and participate in audits, as necessary
• Research & Development: Stay up to date with the latest security trends, threats, and tools to proactively defend against evolving cyber risks

REQUIREMENTS:

• High School diploma/GED or equivalent required; Bachelor's degree or completion of a Computer Science Program from a Technical Trade School preferred
• Minimum of two years of experience in application development, with a thorough knowledge of at least one programming language, is required

Bonus if you have:

• Experience with C# .NET, Azure Isolated Functions and App Services, Blazor, and .NET 6 & 8
• Extensive experience with RESTful APIs, Swagger, and Open API docs
• Experience with OKTA
• Experience with securing APIs
• Deep understanding of web application security vulnerabilities and their remediation (e.g., SQL injection, XSS, CSRF, etc.)
• Strong knowledge of secure coding practices in languages such as Java, C#, JavaScript, Vue, React, etc.
• Knowledge of Authorization and Authentication concepts such as SAML, OIDC, OAuth 2.0, and PKCE
• Understanding of Zero Trust security models and Identity & Access Management (IAM)
• Familiarity with cloud security (AWS, Azure, or GCP)

---