Java Full Stack Engineer - Professional

Overview

Accepts corp to corp applications
100% Travel

Skills

Testing
Build Automation
Software Security
Software Development
GitLab
Collaboration
Threat Modeling
Risk Assessment
Documentation
Security Controls
Java
Fortify
Burp Suite
Continuous Integration
Continuous Delivery
Jenkins
DevOps
GitHub
OWASP
RESTful
Spring Framework
Code Review
Unit Testing
Scripting
Python
Bash
Groovy
DevSecOps
Cloud Security
Amazon Web Services
Microsoft Azure
Google Cloud
Google Cloud Platform
Debugging
Docker
Kubernetes
Certified Ethical Hacker
OSCP
Terraform
IMG
Management
LinkedIn
HSE
EHS
Profit And Loss
Presentations
SAP PP
Technical Direction

Job Details

Job Title: Java Developer with Security Automation (SAST, DAST)

Location: McLean, VA


Type: Contract

Job Summary:

We are seeking a skilled Java Developer with hands-on experience in Security Automation using SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools. The ideal candidate will contribute to secure software development practices and build automation frameworks to integrate security into the CI/CD pipeline. This role requires a strong Java development background, DevSecOps mindset, and expertise in application security tools and processes.

Key Responsibilities:

  • Design, develop, and maintain secure Java applications following best practices.
  • Integrate SAST and DAST tools into the software development lifecycle (e.g., SonarQube, Fortify, Veracode, Checkmarx, OWASP ZAP, Burp Suite).
  • Automate security scans and validation within CI/CD pipelines (e.g., Jenkins, GitLab, GitHub Actions).
  • Analyze scan results and work with developers to remediate vulnerabilities.
  • Collaborate with DevOps and Security teams to enforce secure coding standards.
  • Develop custom scripts and tools for security automation.
  • Assist in threat modeling and risk assessment processes.
  • Maintain documentation on security controls and technical procedures.
  • Stay updated on security vulnerabilities, exploits, and industry trends.

Required Skills:

  • Core Java (8 or above) development experience (5+ years).
  • Experience with SAST tools like Fortify, SonarQube, Veracode, Checkmarx.
  • Experience with DAST tools like OWASP ZAP, Burp Suite, Acunetix.
  • Hands-on experience integrating security tools into CI/CD pipelines (Jenkins, Azure DevOps, GitHub Actions, etc.).
  • Familiarity with OWASP Top 10, secure coding practices, and vulnerability remediation.
  • Working knowledge of RESTful APIs, Spring Framework (Spring Boot is a plus).
  • Experience with code review, unit testing, and static analysis tools.
  • Scripting knowledge: Python, Bash, Groovy (optional but preferred).
  • Understanding of DevSecOps principles and cloud security (AWS/Azure/Google Cloud Platform).
  • Strong debugging and troubleshooting skills.

Preferred Qualifications:

  • Experience with container security tools (e.g., Docker, Kubernetes with tools like Anchore, Aqua, Twistlock).
  • Security certifications (e.g., CSSLP, CEH, OSCP, GIAC) are a plus.
  • Familiarity with Infrastructure as Code (IaC) security tools like Terraform, Checkov, or TFSec.

Maniteja Kamma
US IT Recruiter
Direct: +1
Email:

Linkedin-

Note: This is not an unsolicited mail. If you are not interested in receiving our e-mails then please reply with subject line Remove

OKCancel
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Sage IT Inc