Application Security Engineer / DevSecOps Engineer

We are seeking a Senior Java Application Security Engineer with a strong background in secure application development and cloud-native security. The ideal candidate will play a key role in building, securing, and deploying enterprise-grade applications using Java, Spring Boot, and containerized platforms on Azure.

NOTE: Interview Mode: In-Person Interview Required

Mandatory security certification (GWAPT / OSWE / CSSLP / CEH / Security+ / GIAC or equivalent)

Key Responsibilities:

• Design and develop secure Java / Spring Boot applications
• 3–4 years of hands-on Application Security / DevSecOps experience
• Identify and remediate vulnerabilities aligned with OWASP Top 10
• Perform application security reviews, threat modeling, and risk assessments
• Implement secure coding standards and security best practices
• Integrate security controls into CI/CD pipelines
• Secure REST APIs, authentication, and authorization mechanisms
• Work closely with DevOps teams to secure Docker containers and Kubernetes clusters
• Ensure compliance with security policies and regulatory standards

Required Skills & Experience:

• Strong hands-on experience in Java & Spring Boot
• Deep understanding of Application Security concepts
• Strong knowledge of OWASP Top 10, SAST, DAST, and vulnerability management
• Experience securing Microservices architectures
• Hands-on experience with Docker container security
• Experience with Kubernetes security (RBAC, secrets, network policies)
• Experience with Microsoft Azure security services
• Experience securing APIs (OAuth2, JWT, IAM concepts)
• Familiarity with DevSecOps practices and tools