Java/Node.js Engineer Security Remediation & Technical Debt Automation
Job Description
Job Description
Job Title: Java/Node.js Engineer – Security Remediation & Technical Debt Automation
Location: NJ or STL (Hybrid)
Employment Type: Contract
Experience Level: 7+ years
Rate : 55-60$/Hr on 1099 / C2C
About the Role
We are seeking a highly skilled Java/Node.js Engineer with expertise in application security remediation , technical debt reduction , and automated vulnerability fixes . This role involves identifying, triaging, and remediating security vulnerabilities across Java, Node.js, Ruby on Rails, and WordPress applications.
You will also drive automated remediation workflows and work with Generative AI tools (e.g., AWS Bedrock) to accelerate secure coding and vulnerability fixes.
This position requires collaboration with InfoSec, QA, DevOps, Architecture , and development teams to continuously improve our security posture.
Key Responsibilities
Vulnerability Remediation & Secure Coding
- Analyze, triage, and remediate vulnerabilities identified through SAST, DAST, and SCA tools (SonarQube, Veracode, Checkmarx, Snyk, OWASP ZAP).
- Refactor insecure Java, Node.js, Ruby on Rails, and WordPress codebases to fix issues such as:
- SQL Injection, XXE, XSS
- CSRF, SSRF
- Insecure Deserialization
- Authentication & session management flaws
- Path traversal or file upload vulnerabilities
- Patch and upgrade vulnerable third-party dependencies (Maven, Gradle, npm, Bundler, Composer) and validate remediation results.
- Harden and secure configurations across:
- Spring Boot APIs
- Node.js/Express.js services
- Ruby on Rails frameworks
- WordPress environments and plugins
- Ensure fixes do not impact app functionality by performing regression testing and user flow validation.
Automation & GenAI-Driven Security
- Integrate security checks and automated remediation into CI/CD pipelines (Jenkins, GitHub Actions).
- Build or enhance AI-driven security workflows using AWS Bedrock or equivalent GenAI platforms:
- Auto-generate secure code patches
- Summarize vulnerability reports
- Suggest prioritized fixes
- Provide real-time security recommendations for developers
- Develop custom scripts to automate scanning, remediation, and validation processes.
Technical Debt & Platform Modernization
- Identify and fix legacy security issues across Java, Node.js, Rails, and WordPress applications.
- Modernize outdated components, remove deprecated libraries, and refactor insecure patterns.
- Harden Docker images, Linux environments, Kubernetes configurations, and AWS cloud setups.
Collaboration & Continuous Improvement
- Work closely with InfoSec and QA teams to validate fixes, perform rescans, and close vulnerability tickets.
- Partner with development teams to promote secure coding best practices.
- Stay current on OWASP Top 10, CWE/SANS 25, CVEs, and emerging security threats across multiple tech stacks.
Required Skills
- Strong hands-on experience with Core Java, Spring Boot, REST APIs, Tomcat , and secure Java coding.
- Proficiency in Node.js, Express.js, JavaScript/TypeScript .
- Exposure to Ruby on Rails and WordPress , with the ability to assist in vulnerability remediation and secure configuration.
- Strong understanding of application vulnerabilities and mitigation techniques (e.g., XSS, CSRF, SQL Injection).
- Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar scanning tools.
- Familiarity with OAuth2/JWT, encryption, secure session management, and API security.
- Experience with Docker, Kubernetes, Linux hardening, and AWS cloud security.
- Experience using or integrating Generative AI (AWS Bedrock, CodeWhisperer) in security workflows.
- Hands-on experience with CI/CD pipelines and automated security integration.
Preferred Qualifications
- Experience with microservices, API gateways, and cloud-native security.
- Understanding of OWASP ASVS, threat modeling, and DevSecOps best practices.
- Experience with automating remediation workflows using GenAI.
- Certifications: CEH, CSSLP, OSCP, GSSP-Java, or similar.
Soft Skills
- Strong analytical, debugging, and problem-solving skills.
- Excellent communication and documentation abilities.
- Collaborative mindset with the ability to work across security, development, and DevOps teams.
- Self-driven, proactive, and detail-oriented with a commitment to secure, high-quality code.
Recommended Jobs
Behavioral Assistant
Job Description Job Description Benefits: Flexible schedule Opportunity for advancement Training & development Community Advancement and Behavioral Transformation, Inc. (CAABT) is cur…
UiPath Alteryx Robotics Process Automation
Kforce has a client that is seeking a UiPath Alteryx Robotics Process Automation in Newark, DE. Responsibilities: * Design, develop, and deploy automation solutions using UiPath and Alteryx to enhanc…
Spanish Speaking Nanny In Princeton, NJ
Private Family in Princeton, New Jersey Seeking a Full-Time Bilingual Nanny Position: Full-Time Live-Out Nanny (with occasional live-in flexibility) Schedule: Typically Monday–Friday, approxim…
Security Officer Driving Patrol Duty
Job Description Job Description Overview Allied Universal®, North America’s leading security and facility services company, offers rewarding careers that provide you a sense of purpose. While …
Outbound Sales Position Salary + Commission
Job Description Job Description Benefits: ~401(k) ~ Bonus based on performance ~ Competitive salary ~ Dental insurance ~ Employee discounts ~ Health insurance ~ Opportunity for advan…
Cloud Engineer - Container Platforms
Description: Jersey City, NJ with additional work locations in Merrimack, NH and Westlake, TX Our client seeks a Cloud Engineer to join the Container Management Platforms area and help build an…
Superintendent- NJ Ground up stick frame multifamily mix use
Job Description Job Description Job Title: Superintendent Location: Northern New Jersey (NNJ) Salary: $120,000 – $150,000 + Excellent Benefits About the Role Our client, a well…
CHHA Home Health Aide
Job Description Job Description Responsibilities - Assist clients with activities of daily living (ADLs) such as bathing, dressing, and grooming - Provide companionship and emotional support …
Assistant Credit Controller, Cash Application
DSV - Global transport and logistics In 1976, ten independent hauliers joined forces and founded DSV in Denmark. Since then, DSV has evolved to become the world's 3rd largest supplier of global so…
Phlebotomist Per Diem
Labcorp is a global leader in diagnostic testing and drug development solutions, helping healthcare providers, researchers, and patients make informed decisions that advance care. Join us in our miss…