Job Title : Senior Java Developer - Application Security

Experience : 8- 14 Years

Location : Noida

Job Description :

Key Responsibilities :

- Design, develop, and maintain secure, scalable, and high-performance Java applications using frameworks such as Spring Boot, Spring Security, and RESTful APIs.

- Implement and maintain secure authentication and authorization mechanisms including OAuth2, JWT, SAML, and Role-Based Access Control (RBAC).

- Ensure application security by implementing secure coding practices and following industry security standards such as OWASP Top 10.

- Identify and remediate security vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), insecure deserialization, and broken authentication.

- Integrate and manage security scanning tools such as SAST, DAST, SCA tools (e.g., Fortify, Checkmarx, Veracode, SonarQube, Snyk) to detect vulnerabilities in code.

- Implement encryption techniques including SSL/TLS, hashing algorithms, key management, and data encryption to protect sensitive information.

- Design and develop secure APIs and microservices architecture ensuring secure communication between services.

- Work closely with DevOps teams to integrate security into the CI/CD pipeline, enabling automated security testing and secure deployment practices.

- Monitor application logs, security alerts, and system activities to detect and respond to potential security threats and breaches.

- Conduct security reviews, code reviews, and threat modeling exercises to proactively identify potential security risks.

- Perform security audits and compliance checks related to regulatory standards such as ISO 27001, GDPR, and other security compliance frameworks.

- Collaborate with cross-functional teams to implement security best practices across the software development lifecycle (SDLC).

- Stay up to date with emerging security threats, vulnerabilities, and Java security frameworks to continuously improve application security.

Required Skills & Qualifications :

- 8- 14 years of strong experience in Java development.

- Hands-on experience with Spring Boot, Spring Security, and REST API development.

- Strong knowledge of application security concepts and secure coding practices.

- Experience implementing OAuth2, JWT, SAML, and authentication/authorization frameworks.

- Good understanding of OWASP Top 10 vulnerabilities and mitigation techniques.

- Experience with security testing tools, vulnerability scanning, and penetration testing processes.

- Knowledge of encryption algorithms, SSL/TLS protocols, and data protection mechanisms.

- Experience working with microservices architecture and cloud-based applications.

- Familiarity with CI/CD tools such as Jenkins, GitLab CI, or Azure DevOps with integrated security practices.

- Strong analytical, debugging, and problem-solving skills.

Preferred Skills :

- Experience working in Agile / Scrum environments.

- Knowledge of cloud security (AWS / Azure / GCP).

- Experience in container security (Docker, Kubernetes).

- Security certifications such as CEH, CISSP, or CSSLP will be an added advantage.