Senior Application Security​/Java Engineer

Overview

We are seeking a highly skilled Senior Application Security / Java Engineer to design, implement, and secure enterprise‑grade applications. The ideal candidate combines deep Java development expertise with strong application security knowledge, enabling them to build secure, scalable solutions and mitigate vulnerabilities across the SDLC.

• Design, develop, and enhance secure Java‑based applications and APIs
• Implement application security best practices and integrate security controls throughout development
• Perform code reviews, vulnerability assessments, and threat modeling
• Collaborate with development and Dev Ops teams to ensure secure CI/CD pipelines
• Identify, prioritize, and remediate security vulnerabilities and risks
• Evaluate new technologies and tools to strengthen the organization’s application security posture
• Develop automated security testing and monitoring frameworks
• Provide technical guidance on secure coding and security design principles

• 8+ years of software engineering experience with strong Java and Spring Boot expertise
• 3+ years of hands‑on experience in application security or secure software development
• Deep understanding of OWASP Top 10, authentication/authorization models, and web application security
• Experience with SAST, DAST, and security scanning tools (e.g., Veracode, Fortify, Sonar Qube, Burp Suite)
• Knowledge of secure API development, encryption, and key management practices
• Strong understanding of CI/CD pipelines, Dev Sec Ops , and cloud platforms (AWS, GCP, or Azure)
• Excellent problem‑solving and cross‑team collaboration skills

• Security certifications (CISSP, CSSLP, CEH, or equivalent)
• Experience in regulated industries (e.g., healthcare, finance)
• Familiarity with container security (Docker, Kubernetes)