Java/Node.js Engineer Security Remediation & Technical Debt Automation

Job Description

Job Title: Java/Node.js Engineer – Security Remediation & Technical Debt Automation

Location: NJ or STL (Hybrid)

Employment Type: Contract

Experience Level: 7+ years

Rate : 55-60$/Hr on 1099 / C2C

About the Role

We are seeking a highly skilled Java/Node.js Engineer with expertise in application security remediation, technical debt reduction, and automated vulnerability fixes. This role involves identifying, triaging, and remediating security vulnerabilities across Java, Node.js, Ruby on Rails, and WordPress applications.

You will also drive automated remediation workflows and work with Generative AI tools (e.g., AWS Bedrock) to accelerate secure coding and vulnerability fixes.

This position requires collaboration with InfoSec, QA, DevOps, Architecture, and development teams to continuously improve our security posture.

Key Responsibilities

Vulnerability Remediation & Secure Coding

Analyze, triage, and remediate vulnerabilities identified through SAST, DAST, and SCA tools (SonarQube, Veracode, Checkmarx, Snyk, OWASP ZAP).

Refactor insecure Java, Node.js, Ruby on Rails, and WordPress codebases to fix issues such as:

SQL Injection, XXE, XSS

CSRF, SSRF

Insecure Deserialization

Authentication & session management flaws

Path traversal or file upload vulnerabilities

Patch and upgrade vulnerable third-party dependencies (Maven, Gradle, npm, Bundler, Composer) and validate remediation results.

Harden and secure configurations across:

Spring Boot APIs

Node.js/Express.js services

Ruby on Rails frameworks

WordPress environments and plugins

Ensure fixes do not impact app functionality by performing regression testing and user flow validation.

Automation & GenAI-Driven Security

Integrate security checks and automated remediation into CI/CD pipelines (Jenkins, GitHub Actions).

Build or enhance AI-driven security workflows using AWS Bedrock or equivalent GenAI platforms:

Auto-generate secure code patches

Summarize vulnerability reports

Suggest prioritized fixes

Provide real-time security recommendations for developers

Develop custom scripts to automate scanning, remediation, and validation processes.

Technical Debt & Platform Modernization

Identify and fix legacy security issues across Java, Node.js, Rails, and WordPress applications.

Modernize outdated components, remove deprecated libraries, and refactor insecure patterns.

Harden Docker images, Linux environments, Kubernetes configurations, and AWS cloud setups.

Collaboration & Continuous Improvement

Work closely with InfoSec and QA teams to validate fixes, perform rescans, and close vulnerability tickets.

Partner with development teams to promote secure coding best practices.

Stay current on OWASP Top 10, CWE/SANS 25, CVEs, and emerging security threats across multiple tech stacks.

Required Skills

Strong hands-on experience with Core Java, Spring Boot, REST APIs, Tomcat, and secure Java coding.

Proficiency in Node.js, Express.js, JavaScript/TypeScript.

Exposure to Ruby on Rails and WordPress, with the ability to assist in vulnerability remediation and secure configuration.

Strong understanding of application vulnerabilities and mitigation techniques (e.g., XSS, CSRF, SQL Injection).

Experience with Veracode, Checkmarx, SonarQube, Snyk, or similar scanning tools.

Familiarity with OAuth2/JWT, encryption, secure session management, and API security.

Experience with Docker, Kubernetes, Linux hardening, and AWS cloud security.

Experience using or integrating Generative AI (AWS Bedrock, CodeWhisperer) in security workflows.

Hands-on experience with CI/CD pipelines and automated security integration.

Preferred Qualifications

Experience with microservices, API gateways, and cloud-native security.

Understanding of OWASP ASVS, threat modeling, and DevSecOps best practices.

Experience with automating remediation workflows using GenAI.

Certifications: CEH, CSSLP, OSCP, GSSP-Java, or similar.

Soft Skills

Strong analytical, debugging, and problem-solving skills.

Excellent communication and documentation abilities.

Collaborative mindset with the ability to work across security, development, and DevOps teams.

Self-driven, proactive, and detail-oriented with a commitment to secure, high-quality code.