About the role:

As a Software Engineer working on the Application Security Team, you will focus on API and application development that centralize, standardize and streamline application security decisions across all teams. You will work closely with the rest of our IT Security team to meet corporate security goals. You will work in conjunction with, and often ahead of, other Agile Scrum Teams to create a runway of secure development across the enterprise. You will also participate in application threat modeling exercises with our product teams to provide guidance on how to meet business objectives securely.

What's in it for you:

• $63,400 - $125,000 base salary and benefits package
• Paid relocation to Cincinnati, OH
• $5,000 signing bonus
• Advancement opportunities with structured career paths
• TQL's IT Team offers a hybrid work environment with the ability to work remotely 10 days per month  
• Access to the latest emerging technologies through Microsoft partnerships and Pluralsight subscriptions
• Reimbursement for continuous education and technical training
• We win wherever we go – Voted a 2019 and 2020 Computerworld Best Places to Work in IT
  
  

 

What you'll be doing:

• Write a mix of API, database and script/ETL code
• Work directly with the IT Security and Application Development Teams to gather requirements and implement services that are of high value
• Actively participate and lead architectural design sessions
• Support and maintain existing services and tools by troubleshooting issues and recommending improvements
• Contribute to the development, adoption, and enforcement of application security standards, controls and policies
• Participate in threat modeling, application vulnerability assessments and secure source code reviews
• Maintain focus on securing the enterprise
• Stay current on industry standard security best practices through any means necessary – books, blogs, podcasts, training
• See projects and product releases through completion
• Ensure internal customers and end-users are top priority
  
  

 

What you need:

• 5+ years of hands-on web development experience in .NET and C# framework
• 5+ years of experience with Web Services, JSON, XML and REST Technologies
• 5+ years of experience in any database technology, preferably SQL Server
• 1-2 years of experience in a scripting language – PowerShell preferred
• Advanced knowledge of the OAuth 2.0 specific and hands-on experience implementing different OAuth flows in enterprise applications
• In-depth knowledge of the OWASP Top 10 for APIs and web applications
• Experience securing cloud development resources, preferably in Microsoft Azure
• Comfortable with agile development and continuous integration build environments
• Experience with source control systems, preferably Azure DevOps
• Exposure to threat modeling, application penetration testing and secure code reviews is a plus, but not required
• Experience with Microsoft Azure B2C is a plus, but not required
• Kubernetes or similar cluster development experience is a plus, but not required