Java Developer

Day to Day job Duties: (what this person will do on a daily/weekly basis)

• Design, develop, and maintain secure Java/J2EE-based applications, ensuring adherence to enterprise security standards and best practices
• Identify, analyze, and remediate application security vulnerabilities such as XSS, CSRF, session fixation, IDOR, and path traversal issues
• Perform regular code reviews and security assessments to detect code smells, insecure patterns, and misconfigurations
• Collaborate with security teams to triage and resolve findings from vulnerability scans, penetration testing, and security audits
• Implement secure coding practices, including input validation, output encoding, and proper authentication/authorization mechanisms
• Update and manage third-party libraries (e.g., Axios, jQuery, Ext.js), ensuring no outdated or vulnerable versions are in use
• Configure and enforce web security controls such as CSP headers, secure cookies (HttpOnly, Secure, SameSite), and cache directives
• Debug and resolve issues related to HTTP errors (e.g., 500 errors), session management, and application behavior inconsistencies
• Work closely with frontend and backend teams to ensure consistency in validation and prevent security gaps between UI and server-side logic
• Analyze and secure APIs, including TPP/Open Banking integrations, ensuring proper authentication and data protection
• Participate in sprint planning, daily stand-ups, and backlog grooming with Agile teams to prioritize security and development tasks
• Document security fixes, technical designs, and remediation steps for knowledge sharing and audit readiness
• Support production releases, perform root cause analysis for incidents, and implement preventive measures
• Continuously research emerging security threats and recommend improvements to strengthen application security posture

Basic Qualifications: (what are the skills required to this job with minimum years of experience on each)

• Minimum 5+ years of experience in Java/J2EE development, including building and maintaining enterprise-level web applications
• At least 3+ years of hands-on experience in application security, including identifying and remediating vulnerabilities such as XSS, CSRF, IDOR, and session-related issues
• Minimum 3+ years of experience with web technologies such as HTML, CSS, JavaScript, and frameworks/libraries like jQuery, Axios, or Ext.js
• At least 2+ years of experience in secure coding practices, including input validation, output encoding, authentication, and authorization mechanisms
• Minimum 2+ years of experience working with RESTful APIs and web services, including securing APIs and handling authentication/authorization
• At least 2+ years of experience with application servers such as Apache Tomcat, WebLogic, or JBoss
• Minimum 2+ years of experience in vulnerability management tools (e.g., Fortify, Checkmarx, Veracode, or similar SAST/DAST tools)
• At least 2+ years of experience in debugging and resolving production issues, including HTTP errors and performance bottlenecks
• Minimum 1+ year of experience with security configurations, including CSP headers, secure cookies (HttpOnly, Secure, SameSite), and cache control mechanisms
• At least 1+ year of experience working in Agile/Scrum environments, participating in sprint ceremonies and collaborative development

Travel: This position requires 3 days in office either in Charlotte, NC or Jersey City, NJ. Degree: Bachelors in Computer Science or equivalent work experience

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com