Job Title: Java / Spring Security Vulnerability Engineer
Location: Chicago, IL (Onsite)
Contract
Key Responsibilities
Java Development
Design, develop, and maintain secure Java applications using Java 8+, Spring / Spring Boot, and RESTful APIs
Implement secure coding practices aligned with OWASP Top 10 and CWE standards
Write clean, maintainable, and testable code with a strong focus on security controls
Application Security
Perform static (SAST) and dynamic (DAST) application security testing and software composition analysis (SCA) on Java applications
Identify and remediate vulnerabilities such as:
SQL Injection
Cross-Site Scripting (XSS)
Insecure Deserialization
Authentication & Authorization flaws
Conduct manual code reviews with a security focus
Vulnerability Management
Triage and remediate vulnerabilities identified via tools like Fortify, Veracode, Checkmarx, SonarQube, Snyk, or OWASP Dependency-Check
Perform vulnerability risk analysis and prioritize remediation based on CVSS scores
Work with development teams to fix vulnerabilities and validate remediation