Senior Security Application Developer

The Senior Security Application Developer will oversee and enhance the efficiency of our software development and deployment processes, ensuring seamless integration and continuous delivery. This position is focused on embedding security into the SDLC, enabling secure-by-design applications, and scaling AppSec practices across engineering teams. They are responsible for collaborating closely with internal software developers, IT professionals, and other stakeholders to streamline workflows, automate processes, and implement best practices in configuration management, infrastructure as code, and monitoring. The ideal candidate will have a strong background in cloud services, containerization, and CI/CD pipelines, with a focus on optimizing system performance, security and reliability.

Responsibilities include managing resources, setting strategic goals, and driving innovation to support scalable and secure software solutions. Excellent leadership, communication, and problem-solving skills are essential to foster a culture of collaboration and continuous improvement. Essential functions include:

• Design, develop, and maintain secure application components, frameworks, and tooling (SAST, DAST, custom scanners, CI/CD integrations).
• Perform threat modeling, architecture reviews, and secure design guidance for web, API, cloud, and microservice-based systems.
• Identify, triage, and remediate vulnerabilities through code reviews, automated testing, and manual analysis.
• Partner with all development teams to embed security controls into CI/CD pipelines and development workflows.
• Establish and promote secure coding standards and best practices aligned with OWASP Top 10 and modern AppSec frameworks.
• Lead vulnerability remediation guidance and contribute directly to fixing security issues in core codebases.
• Support incident response activities, including application-level root cause analysis and corrective actions.
• Elevate developer security awareness through coaching, documentation, and internal security evangelism.
• Training and mentoring application developers in security and design principles.
• Working closely with the Application Development Manager on project resourcing and utilization.
• Develops and maintains documentation and testing methodologies for secure coding standards.
• Manage and maintain the infrastructure required for development and production environments, ensuring scalability, reliability, and security.
• Collaborate with IT and other departments to align infrastructure needs with organizational goals.
• Serve as a liaison between development, operations, and other departments to ensure alignment and effective communication.
• Ensure that security best practices are integrated into the development and deployment processes.
• Stay updated with the latest trends and technologies in DevOps and software development.
• Drive continuous improvement initiatives to enhance the DevOps security culture and best practices within the organization.
• Participate in code reviews to represent reviewed work for adherence to standards and specifications.
• Other duties as assigned.

Do you have experience in XML?, Do you have a Bachelor's degree?, * Bachelor's degree with major coursework in Computer Science or Information Systems; or combination of education and commensurate work experience required.

• Trade Training preferred; 5 years' relevant experience required, preferably in professional services setting.
• Technical skills areas:

• Experience building applications on the .Net platform in a hosted Web/SaaS environment
• Deep understanding of secure coding practices (input validation, authentication/authorization, secrets handling, error handling
• Experience fixing vulnerabilities such as SQLi, XSS, IDOR, SSRF, auth bypass, and insecure deserialization (OWASP Top 10)
• Hands-on use of SAST, DAST, SCA, IAST tools and interpreting results beyond "tool output"
• Practical security knowledge of Azure application services (IAM, managed identities, app gateways)
• Experience with secure build pipelines, dependency scanning, artifact signing, and secrets detection
• Embedding security into CI/CD pipelines (GitHub Actions, Azure DevOps, GitLab CI, etc.)
• Excellent working knowledge of Application Development using Microsoft .Net Framework, .Net Core, C#, React or Angular and SQL Server
• Develop and implement SQL scripts, Stored Procedures and ETL processes
• Web Services, XML, SOA, REST, JSON
• ASP.NET MVC
• Secure API design (OAuth2/OIDC, JWT, scopes, mTLS, rate limiting)
• Sound knowledge of Rest API creation and consumption
• Full Stack Development experience
• Sound understanding of application life cycles and client/server architectures in an enterprise environment
• Excellent troubleshooting skills and root cause analysis
• Experience with Entity Framework Code First and Unit Testing
• Experience with Microsoft Azure Web Apps, Function Apps, Api Apps and Logic Apps

Pulled from the full job description

• Health insurance
• Retirement plan
• Paid time off
• Dental insurance
• Flexible spending account
• Life insurance
• Employee assistance program, Employees are entitled to compensation commensurate with skill and experience. The exact compensation will vary based on skills, experience, location, and other factors permitted by law. The expected compensation ranges for this position in various states and jurisdictions are as follows:
• State of California: $116,000- $237,000
• State of Colorado: $107,000- $191,000
• State of Illinois: $105,000- $204,000
• State of Massachusetts: $116,000- $222,000
• State of Maryland: $113,000- $171,000
• State of Minnesota: $116,000- $192,000
• Jersey City, NJ: $126,000- $229,000
• State of New York: $108,000- $234,000
• State of Vermont: $115,000- $220,000
• State of Washington: $113,000- $214,000
• Washington, D.C.: $150,000- $220,000

The above salaries do not include a discretionary bonus, however bonus opportunities are non-guaranteed, and are dependent upon individual and firm performance. Full-time employees receive benefits including: medical and dental coverage; life insurance; short-term and long-term disability insurance; pre-tax flexible spending account for certain medical and dependent care expenses; an employee assistance program; Paid Time Off; paid holidays; participation in a retirement plan program after meeting eligibility requirements; and more.

Husch Blackwell LLP is a full-service litigation and business law firm with multiple locations across the United States, serving clients with domestic and international operations. At Husch Blackwell we believe that diverse, equitable and inclusive teams lead to better outcomes. Husch Blackwell is committed to retaining, recruiting, developing, and promoting talented lawyers and business professionals with diverse backgrounds and experiences. We foster an engaged, diverse, and inclusive team culture of accountability and purpose that makes our Firm and our communities better.