Talent.com
Java Engineer – Application Security Remediation
Momento USA • Lake St Louis, MO, United States
Job type: Full-time

About the Role

We are seeking a Java Engineer with strong expertise in secure coding, vulnerability management, and application hardening. You will be responsible for analyzing, fixing, and validating vulnerabilities across our Java-based and Node.js-based applications.

This role involves working closely with security, QA, and platform teams to ensure that all identified vulnerabilities are remediated effectively and that our software meets modern security standards.

Key Responsibilities

  • Analyze and fix vulnerabilities detected via SAST, DAST, and dependency analysis tools such as SonarQube, Veracode, Snyk, or Checkmarx.
  • Refactor code to mitigate risks like SQL Injection, XXE, deserialization attacks, XSS, CSRF, and authentication flaws.
  • Patch and upgrade vulnerable third-party libraries and dependencies (Maven/Gradle).
  • Collaborate with InfoSec and DevOps to validate and re-test remediations.
  • Perform secure code reviews and recommend best practices to developers.
  • Enhance Spring Boot, REST API, Node.js and microservices security configurations.
  • Contribute to improving automation in CI/CD for continuous vulnerability scanning.
  • Stay current with the OWASP Top 10, CWE/SANS 25, and Java security updates.

Required Skills

  • Strong proficiency in Core Java, Spring Boot, Node.js and REST API development.
  • Solid understanding of secure coding principles and application security fundamentals.
  • Experience in remediating vulnerabilities identified by automated scanning tools.
  • Familiarity with dependency management and patching libraries using Maven or Gradle.
  • Hands-on experience with JWT/OAuth2, input validation, and encryption techniques.
  • Working knowledge of Docker, Kubernetes, or cloud security principles.

Preferred Qualifications

  • Familiarity with DevSecOps pipelines and automated vulnerability management.
  • Knowledge of static and dynamic code analysis tools.
  • Experience with Spring Security and secure REST API design.
  • Certifications such as CEH, CSSLP, or GIAC Secure Software Programmer (GSSP-Java).

Soft Skills

  • Analytical and detail-oriented problem solver.
  • Strong communication and documentation skills.
  • Collaborative mindset to work across engineering, security, and operations teams.
  • Commitment to building secure, maintainable, and high-quality applications.

Note: Momento USA is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
