Java Developer (Application Security)
Role details
Job location
Tech stack
Job description
Java Developer with Application Security expertise to design, develop, and maintain secure enterprise-grade Java applications. The ideal candidate will possess strong Java/J2EE development skills along with hands-on experience identifying, analyzing, and remediating application security vulnerabilities.
This role requires close collaboration with development, infrastructure, and security teams to ensure applications comply with enterprise security standards and secure coding best practices., * Design, develop, and maintain secure Java/J2EE-based applications.
- Build and support backend components using:
- Core Java
- Spring MVC
- EJB
- Hibernate
- JPA
- Identify, analyze, and remediate application security vulnerabilities, including:
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- Insecure Direct Object References (IDOR)
- Session Fixation
- Path Traversal
- Collaborate with security teams to address findings from:
- Vulnerability Assessments
- Penetration Testing
- Security Audits
- Implement secure coding practices including:
- Input Validation
- Output Encoding
- Authentication & Authorization Controls
- Maintain and upgrade third-party libraries and frameworks, ensuring vulnerable versions are removed.
- Configure and enforce web security controls such as:
- Content Security Policy (CSP)
- Secure Cookies (HttpOnly, Secure, SameSite)
- Cache Control Directives
- Troubleshoot and resolve application issues including:
- HTTP 500 Errors
- Session Management Problems
- Application Performance and Security Issues
- Participate in Agile/Scrum ceremonies and collaborate with cross-functional teams.
Requirements
Do you have experience in Vulnerability management?, * Minimum 5+ years of experience in Java/J2EE application development.
- Strong hands-on expertise with:
- Java 8+
- Spring MVC
- EJB
- Hibernate
- JPA
- Minimum 3+ years of Application Security experience, including vulnerability remediation.
- Experience addressing security vulnerabilities such as:
- XSS
- CSRF
- IDOR
- Session Management Vulnerabilities
- Path Traversal
- Experience implementing secure coding and OWASP best practices.
- Minimum 1+ year of Agile/Scrum experience.
- Strong debugging and troubleshooting skills.
Preferred Qualifications
- Experience with IBM WebSphere Application Server.
- Knowledge of OWASP Top 10 security risks and mitigation strategies.
- Experience working with security scanning and vulnerability management tools.
- Familiarity with JavaScript libraries such as:
- Axios
- jQuery
- Ext JS
Benefits & conditions
Pulled from the full job description
- Health insurance
- Paid time off
- Vision insurance
- Health savings account
- Dental insurance, * Dental insurance
- Health insurance
- Health savings account
- Paid time off
- Vision insurance