Overview
On Site
Accepts corp to corp applications
Contract - Contract
Skills
Java Engineer
Job Details
Job Title: Java Engineer Application Security Remediation
Location: Dallas, TX - St Louis, NJ
About the Role:
We are seeking a Java Engineer with strong expertise in secure coding, vulnerability management, and application hardening. You will be responsible for analyzing, fixing, and validating vulnerabilities across our Java-based and Node.js-based applications.
This role involves working closely with security, QA, and platform teams to ensure that all identified vulnerabilities are remediated effectively and that our software meets modern security standards.
Key Responsibilities:
- Analyze and fix vulnerabilities detected via SAST, DAST, and dependency analysis tools such as SonarQube, Veracode, Snyk, or Checkmarx.
- Refactor code to mitigate risks like SQL Injection, XXE, deserialization attacks, XSS, CSRF, and authentication flaws.
- Patch and upgrade vulnerable third-party libraries and dependencies (Maven/Gradle).
- Collaborate with InfoSec and DevOps to validate and re-test remediations.
- Perform secure code reviews and recommend best practices to developers.
- Enhance Spring Boot, REST API, Node.js and microservices security configurations.
- Contribute to improving automation in CI/CD for continuous vulnerability scanning.
- Stay current with the OWASP Top 10, CWE/SANS 25, and Java security updates.
Required Skills:
- Strong proficiency in Core Java, Spring Boot, Node.js and REST API development.
- Solid understanding of secure coding principles and application security fundamentals.
- Experience in remediating vulnerabilities identified by automated scanning tools.
- Familiarity with dependency management and patching libraries using Maven or Gradle.
- Hands-on experience with JWT/OAuth2, input validation, and encryption techniques.
- Working knowledge of Docker, Kubernetes, or cloud security principles.
Preferred Qualifications:
- Familiarity with DevSecOps pipelines and automated vulnerability management.
- Knowledge of static and dynamic code analysis tools.
- Experience with Spring Security and secure REST API design.
- Certifications such as CEH, CSSLP, or GIAC Secure Software Programmer (GSSP-Java).
Soft Skills:
- Analytical and detail-oriented problem solver.
- Strong communication and documentation skills.
- Collaborative mindset to work across engineering, security, and operations teams.
- Commitment to building secure, maintainable, and high-quality applications.