Qureos

Java Node.js Engineer Security Remediation

Job Title: Java/Node.js Engineer – Security Remediation

sravanthi@haparz.com

About the Role

  • We are seeking a highly skilled Java/Node.js Engineer with expertise in application security remediation, technical debt reduction, and automated vulnerability fixes.
  • This role involves identifying, triaging, and remediating security vulnerabilities across Java, Node.js, Ruby on Rails, and WordPress applications.
  • You will also drive automated remediation workflows and work with Generative AI tools (e.g., AWS Bedrock) to accelerate secure coding and vulnerability fixes.
  • This position requires collaboration with InfoSec, QA, DevOps, Architecture, and development teams to continuously improve our security posture.

Key Responsibilities

Vulnerability Remediation & Secure Coding

  • Analyze, triage, and remediate vulnerabilities identified through SAST, DAST, and SCA tools (SonarQube, Veracode, Checkmarx, Snyk, OWASP ZAP).
  • Refactor insecure Java, Node.js, Ruby on Rails, and WordPress codebases to fix issues such as:
      o SQL Injection, XXE, XSS
      o CSRF, SSRF
      o Insecure Deserialization
      o Authentication & session management flaws
      o Path traversal or file upload vulnerabilities
  • Patch and upgrade vulnerable third-party dependencies (Maven, Gradle, npm, Bundler, Composer) and validate remediation results.
  • Harden and secure configurations across:
      o Spring Boot APIs
      o Node.js/Express.js services
      o Ruby on Rails frameworks
      o WordPress environments and plugins
  • Ensure fixes do not impact app functionality by performing regression testing and user flow validation.

Automation & GenAI-Driven Security

  • Integrate security checks and automated remediation into CI/CD pipelines (Jenkins, GitHub Actions).
  • Build or enhance AI-driven security workflows using AWS Bedrock or equivalent GenAI platforms:
      o Auto-generate secure code patches
      o Summarize vulnerability reports
      o Suggest prioritized fixes
      o Provide real-time security recommendations for developers
  • Develop custom scripts to automate scanning, remediation, and validation processes.

Technical Debt & Platform Modernization

  • Identify and fix legacy security issues across Java, Node.js, Rails, and WordPress applications.
  • Modernize outdated components, remove deprecated libraries, and refactor insecure patterns.
  • Harden Docker images, Linux environments, Kubernetes configurations, and AWS cloud setups.

Collaboration & Continuous Improvement

  • Work closely with InfoSec and QA teams to validate fixes, perform rescans, and close vulnerability tickets.
  • Partner with development teams to promote secure coding best practices.
  • Stay current on OWASP Top 10, CWE/SANS 25, CVEs, and emerging security threats across multiple tech stacks.

Required Skills

  • Strong hands-on experience with Core Java, Spring Boot, REST APIs, Tomcat, and secure Java coding.
  • Proficiency in Node.js, Express.js, JavaScript/TypeScript.
  • Exposure to Ruby on Rails and WordPress, with the ability to assist in vulnerability remediation and secure configuration.
  • Strong understanding of application vulnerabilities and mitigation techniques (e.g., XSS, CSRF, SQL Injection).
  • Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar scanning tools.
  • Familiarity with OAuth2/JWT, encryption, secure session management, and API security.
  • Experience with Docker, Kubernetes, Linux hardening, and AWS cloud security.
  • Experience using or integrating Generative AI (AWS Bedrock, CodeWhisperer) in security workflows.
  • Hands-on experience with CI/CD pipelines and automated security integration.

Job Type: Contractual / Temporary
Contract length: 12 months

Pay: ₹1,000,000.00 - ₹1,584,486.36 per year

Work Location: Hybrid remote in Hyderabad, Telangana

© 2026 Qureos. All rights reserved.