Java Developer (Application Security)

WACKOWAVE INC
Raleigh, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Junior
Compensation
$ 120K

Job location

Raleigh, United States of America

Tech stack

Java
Software System Penetration Testing
Application Performance Management
Encodings
Cross-Site Request Forgery
Data Validation
Software Debugging
Enterprise JavaBeans
Java Platform Enterprise Edition (J2EE)
Ext JS
Hibernate
IBM Websphere Application Server
Java Persistence API
JavaScript Libraries
jQuery
Open Web Application Security
Scrum
Secure Coding
Web Application Security
Session Management
Software Engineering
Software Vulnerability Management
Java Application Server
Spring-mvc
Software Security
Cross-Site Scripting (XSS)
Backend
Vulnerability Analysis

Job description

Java Developer with Application Security expertise to design, develop, and maintain secure enterprise-grade Java applications. The ideal candidate will possess strong Java/J2EE development skills along with hands-on experience identifying, analyzing, and remediating application security vulnerabilities.

This role requires close collaboration with development, infrastructure, and security teams to ensure applications comply with enterprise security standards and secure coding best practices., * Design, develop, and maintain secure Java/J2EE-based applications.

  • Build and support backend components using:
  • Core Java
  • Spring MVC
  • EJB
  • Hibernate
  • JPA
  • Identify, analyze, and remediate application security vulnerabilities, including:
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • Insecure Direct Object References (IDOR)
  • Session Fixation
  • Path Traversal
  • Collaborate with security teams to address findings from:
  • Vulnerability Assessments
  • Penetration Testing
  • Security Audits
  • Implement secure coding practices including:
  • Input Validation
  • Output Encoding
  • Authentication & Authorization Controls
  • Maintain and upgrade third-party libraries and frameworks, ensuring vulnerable versions are removed.
  • Configure and enforce web security controls such as:
  • Content Security Policy (CSP)
  • Secure Cookies (HttpOnly, Secure, SameSite)
  • Cache Control Directives
  • Troubleshoot and resolve application issues including:
  • HTTP 500 Errors
  • Session Management Problems
  • Application Performance and Security Issues
  • Participate in Agile/Scrum ceremonies and collaborate with cross-functional teams.

Requirements

Do you have experience in Vulnerability management?, * Minimum 5+ years of experience in Java/J2EE application development.

  • Strong hands-on expertise with:
  • Java 8+
  • Spring MVC
  • EJB
  • Hibernate
  • JPA
  • Minimum 3+ years of Application Security experience, including vulnerability remediation.
  • Experience addressing security vulnerabilities such as:
  • XSS
  • CSRF
  • IDOR
  • Session Management Vulnerabilities
  • Path Traversal
  • Experience implementing secure coding and OWASP best practices.
  • Minimum 1+ year of Agile/Scrum experience.
  • Strong debugging and troubleshooting skills.

Preferred Qualifications

  • Experience with IBM WebSphere Application Server.
  • Knowledge of OWASP Top 10 security risks and mitigation strategies.
  • Experience working with security scanning and vulnerability management tools.
  • Familiarity with JavaScript libraries such as:
  • Axios
  • jQuery
  • Ext JS

Benefits & conditions

Pulled from the full job description

  • Health insurance
  • Paid time off
  • Vision insurance
  • Health savings account
  • Dental insurance, * Dental insurance
  • Health insurance
  • Health savings account
  • Paid time off
  • Vision insurance

Apply for this position