Key skills
AWSCloudDockerGradleJavaJavaScriptKubernetesMavenNode.jsSpringSpring BootSpringBootSQLAIGenerative AIGenAINodeJSBedrockJWTREST APICI/CDSnykSonarQubeCheckmarxOWASP
About this role
Role Overview
- Analyze, triage, and remediate vulnerabilities identified via SAST, DAST, and software composition analysis tools such as SonarQube, Veracode, Snyk, and Checkmarx.
- Refactor insecure Java and Node.js codebases to mitigate vulnerabilities such as SQL Injection, XXE, XSS, CSRF, Deserialization, and Authentication flaws.
- Patch and upgrade vulnerable third-party dependencies using Maven/Gradle, and validate post-remediation effectiveness.
- Leverage Generative AI tools (e.g., AWS Bedrock) to build or enhance automation workflows for:
- Auto-remediation of common vulnerability patterns
- Code recommendations and patch generation
- AI-driven security analysis and triage assistance
- Automate vulnerability remediation and validation within CI/CD pipelines, improving security velocity and reducing manual effort.
- Strengthen security configurations in Spring Boot, REST APIs, Node.js services, and Tomcat-based deployments.
- Perform secure code reviews, provide remediation guidance, and promote secure coding best practices across development teams.
- Collaborate with InfoSec and DevOps teams to validate fixes, perform re-scans, and close vulnerability tickets.
- Stay current on security advisories, OWASP Top 10, CWE/SANS 25, and Java/Tomcat ecosystem updates.
Requirements
- 6+ years of experience
- Must Have: NodeJS, vulnerability remediation, and security, Java
- Strong hands-on experience with Core Java, Spring Boot, Tomcat, and REST API development
- Proficiency in secure coding principles and application vulnerability remediation
- Experience remediating issues identified by tools like Veracode, Checkmarx, SonarQube, or Snyk
- Knowledge of dependency management and patching practices using Maven or Gradle
- Familiarity with Node.js security configurations and remediation techniques
- Experience with OAuth2/JWT, input validation, encryption, and secure session management
- Understanding of Docker, Kubernetes, and security considerations in cloud-native applications
- Preferred: Experience with automating vulnerability remediation using GenAI platforms (e.g., AWS Bedrock, Amazon CodeWhisperer)
- Exposure to DevSecOps pipelines, including automated security scans and policy enforcement
- Strong understanding of Spring Security, secure API design, and infrastructure hardening
- Certifications such as CEH, CSSLP, GSSP-Java, or similar are a plus.
Tech Stack
- AWS
- Cloud
- Docker
- Gradle
- Java
- JavaScript
- Kubernetes
- Maven
- Node.js
- Spring
- Spring Boot
- SpringBoot
- SQL