Application Vulnerability Developer

Job Description

Job Title: Java Vulnerability Engineer Experience Required: 5+ Years Job Description: We are seeking a skilled Java Engineer with strong expertise in application security and vulnerability remediation . The ideal candidate will design, develop, and maintain secure Java applications while proactively identifying, analysing, and remediating vulnerabilities across the software lifecycle. This role bridges software engineering and cybersecurity , ensuring our applications meet both functional and security requirements. Key Responsibilities: Develop, test, and maintain scalable Java applications (Spring Boot, Hibernate, REST APIs). Perform secure code reviews and implement best practices for secure coding. Identify, triage, and remediate vulnerabilities reported by tools (e.g., SonarQube, Fortify, Veracode, OWASP ZAP). Collaborate with security teams to address findings from penetration tests and audits. Integrate security scanning tools into CI/CD pipelines for continuous monitoring. Apply patches and upgrades to frameworks, libraries, and dependencies to mitigate risks (e.g., CVEs). Document remediation steps and provide guidance to developers on secure coding standards. Qualifications: Strong proficiency in Java SE/EE and frameworks (Spring, Hibernate, JPA). Experience with application security concepts: authentication, authorization, encryption, input validation. Hands-on experience with static and dynamic analysis tools (SAST/DAST). Familiarity with dependency management and vulnerability scanning (Maven, Gradle, Snyk). Knowledge of secure software development lifecycle (SSDLC) . Understanding of common vulnerabilities (SQL injection, XSS, CSRF, insecure deserialization). Strong problem-solving and debugging skills.