Java/Node.js Engineer Security Remediation & Technical Debt Automation

Job Description

Job Description

Job Title: Java/Node.js Engineer – Security Remediation & Technical Debt Automation

Location: NJ or STL (Hybrid)
Employment Type: Contract
Experience Level: 7+ years

Rate : 55-60$/Hr on 1099 / C2C

About the Role

We are seeking a highly skilled Java/Node.js Engineer with expertise in application security remediation , technical debt reduction , and automated vulnerability fixes . This role involves identifying, triaging, and remediating security vulnerabilities across Java, Node.js, Ruby on Rails, and WordPress applications.
You will also drive automated remediation workflows and work with Generative AI tools (e.g., AWS Bedrock) to accelerate secure coding and vulnerability fixes.

This position requires collaboration with InfoSec, QA, DevOps, Architecture , and development teams to continuously improve our security posture.

Key Responsibilities

Vulnerability Remediation & Secure Coding

• Analyze, triage, and remediate vulnerabilities identified through SAST, DAST, and SCA tools (SonarQube, Veracode, Checkmarx, Snyk, OWASP ZAP).
• Refactor insecure Java, Node.js, Ruby on Rails, and WordPress codebases to fix issues such as:
• SQL Injection, XXE, XSS
• CSRF, SSRF
• Insecure Deserialization
• Authentication & session management flaws
• Path traversal or file upload vulnerabilities
• Patch and upgrade vulnerable third-party dependencies (Maven, Gradle, npm, Bundler, Composer) and validate remediation results.
• Harden and secure configurations across:
• Spring Boot APIs
• Node.js/Express.js services
• Ruby on Rails frameworks
• WordPress environments and plugins
• Ensure fixes do not impact app functionality by performing regression testing and user flow validation.

Automation & GenAI-Driven Security

• Integrate security checks and automated remediation into CI/CD pipelines (Jenkins, GitHub Actions).
• Build or enhance AI-driven security workflows using AWS Bedrock or equivalent GenAI platforms:
• Auto-generate secure code patches
• Summarize vulnerability reports
• Suggest prioritized fixes
• Provide real-time security recommendations for developers
• Develop custom scripts to automate scanning, remediation, and validation processes.

Technical Debt & Platform Modernization

• Identify and fix legacy security issues across Java, Node.js, Rails, and WordPress applications.
• Modernize outdated components, remove deprecated libraries, and refactor insecure patterns.
• Harden Docker images, Linux environments, Kubernetes configurations, and AWS cloud setups.

Collaboration & Continuous Improvement

• Work closely with InfoSec and QA teams to validate fixes, perform rescans, and close vulnerability tickets.
• Partner with development teams to promote secure coding best practices.
• Stay current on OWASP Top 10, CWE/SANS 25, CVEs, and emerging security threats across multiple tech stacks.

Required Skills

• Strong hands-on experience with Core Java, Spring Boot, REST APIs, Tomcat , and secure Java coding.
• Proficiency in Node.js, Express.js, JavaScript/TypeScript .
• Exposure to Ruby on Rails and WordPress , with the ability to assist in vulnerability remediation and secure configuration.
• Strong understanding of application vulnerabilities and mitigation techniques (e.g., XSS, CSRF, SQL Injection).
• Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar scanning tools.
• Familiarity with OAuth2/JWT, encryption, secure session management, and API security.
• Experience with Docker, Kubernetes, Linux hardening, and AWS cloud security.
• Experience using or integrating Generative AI (AWS Bedrock, CodeWhisperer) in security workflows.
• Hands-on experience with CI/CD pipelines and automated security integration.

Preferred Qualifications

• Experience with microservices, API gateways, and cloud-native security.
• Understanding of OWASP ASVS, threat modeling, and DevSecOps best practices.
• Experience with automating remediation workflows using GenAI.
• Certifications: CEH, CSSLP, OSCP, GSSP-Java, or similar.

Soft Skills

• Strong analytical, debugging, and problem-solving skills.
• Excellent communication and documentation abilities.
• Collaborative mindset with the ability to work across security, development, and DevOps teams.
• Self-driven, proactive, and detail-oriented with a commitment to secure, high-quality code.