Posted 08 July, 2026
Software Engineer 4 (C#,. Net core, CLR Internals)
Black Duck Software, Inc.
Bangalore
Full Time
Reference: 102_715144_5286618008
About the Role:
We are looking for a Hands-on Software Engineer 4 to work on our Seeker Inline Agent for .NET - a dynamic application security testing (DAST) agent that instruments .NET applications at runtime to detect security vulnerabilities. You will work across C#, C++, and multiple .NET runtime versions to build and maintain profiler-based instrumentation, security checkers, and platform integrations.
Responsibilities:
- Design, develop, and maintain the .NET agent core, including security checkers (SQLi, XSS, CSRF, deserialization, etc.) and taint analysis engine
- Develop and optimize native C++ profilers using the CLR Profiling API for both .NET Framework and .NET Core/.NET 5+
- Support multi-platform builds targeting Windows (x64), Linux (x64, ARM64), and Alpine/musl environments
- Extend agent capabilities to new .NET versions (.NET 8, 9, 10+) and hosting models (AWS Lambda, Azure Functions, gRPC, OWIN, WCF)
- Collaborate on CI/CD pipelines (GitLab CI) across multiple OS targets and Docker-based build environments
- Write and maintain unit tests (NUnit) and integration tests across framework versions
- Troubleshoot low-level runtime issues involving IL rewriting, method interception, and memory management
- Participate in code reviews, architecture discussions, and contribute to build system improvements (Cake Build, CMake, MSBuild)
Required Skills:
- 9+ years of professional software development experience
- Strong C# proficiency across .NET Framework (3.5-4.8.1) and .NET Core/.NET 5+ (up to .NET 10)
- C++ experience - working with native interop, COM, and platform APIs (CLR Profiling API is a strong plus)
- Deep understanding of the .NET CLR internals - assembly loading, JIT compilation, IL metadata, type system
- Experience with multi-platform development (Windows & Linux)
- Proficiency with CMake, MSBuild, and complex build orchestration
- Strong debugging skills - ability to diagnose issues across managed/native boundaries
- Experience with Git and CI/CD pipelines (GitLab CI preferred)
Preferred Skills:
- - Experience in application security, DAST/IAST, or security instrumentation
- - Knowledge of OWASP Top 10 vulnerabilities and detection techniques
- - Experience with Docker containerization and multi-arch builds (x64, ARM64, Alpine)
- - Familiarity with serverless platforms (AWS Lambda, Azure Functions)
- - Experience with WiX installer authoring and NuGet packaging
- - Knowledge of code obfuscation techniques
- - Familiarity with logging frameworks (log4net, spdlog, NLog)
- - Experience with WebSocket communication protocols
Tech Stack:
Layer |
Technologies |
Languages |
C#, C++, PowerShell |
Frameworks |
.NET Framework 3.5-4.8.1, .NET Core 2.0-3.1, .NET 5-10 |
Build |
Cake Build, CMake, MSBuild, GitLab CI |
Native |
CLR Profiling API, COM, spdlog, TBB |
Testing |
NUnit, Integration test harness |
Platforms |
Windows x64, Linux x64/ARM64, Alpine |
Packaging |
NuGet, WiX Installer |
Nice to Have:
- Experience contributing to profilers, APM agents, or runtime instrumentation tools
- Background in reverse engineering or binary analysis
- Familiarity with ReSharper code inspection tooling