Key Facts

Remote From:

Full time

English

Hard Skills

Spring Framework Java (Programming Language) Java (Programming Language) Software Security Spring AOP Spring Security OAuth General Security Secure Coding Role-Based Access Control (RBAC) Application Programming Interface (API) General Data Protection Regulation (GDPR) Penetration Testing Endpoint Security NIST 800 Audit Info System (AIS) Code Analysis Network Monitoring Vulnerability Scanning Compliance Management OpenID Auditing Security Testing Security Testing Google Cloud Platform (GCP) Data Encryption Microsoft Azure Cryptography Microservices Security Vulnerability Management Cloud Computing Database Security SonarQube SAMtools ISO/IEC 27000 Series Dependency Analysis Incident Response Container Security Kubernetes Spring Security Microservices Security Information Systems Security Log Monitoring Database Security Application Programming Interface (API) Docker (Software) Intrusion Detection And Prevention Identity And Access Management

Other Skills

•
Teamwork
•
Communication
•
Problem Solving
•
Analytical Skills

NIR-YU

Human Resources, Staffing & Recruiting

About NIR-YU

Nir-Yu specializes in helping Small and Medium Enterprises unlock the potential of their business. Our typical customer is worried about not being able to make enough progress on their product(s) or project(s) with their current team; they need additional team-members to deliver work on-time and with the required quality. Tight budgets also make it necessary to lower average wage costs, making it necessary to consider hiring internationally to lower costs. We help these companies by providing a bespoke service that finds and hires remote workers from Mexico, Colombia, Argentina, Chile, Brazil and other countries in LatAm based on the company’s specific job descriptions to work as an extension of their team and perform the required functions. Unlike many other companies, we don’t have a bench of contractors to be hired out, instead each team is hired specifically to meet specific requirements and to work exclusively as a remote employee.

Company type: Scaleup

Industry: Human Resources, Staffing & Recruiting

Founded: 2018

Company size: 201 - 500

Website LinkedIn See all jobs →

Job description

The Role:

We collaborate with our client to assist the world's largest companies in breaking down data silos, enabling teams to make quicker, more informed decisions. Their flagship product represents the most practical application of Knowledge Graphs and semantic technology available today, allowing Fortune 1000 companies to enhance the discovery, governance, and security of their data— ultimately fueling the development of some of the world's most vital technologies.

This position is perfect for a Security Engineer with expertise in Java and the Spring Framework to enhance security in enterprise applications. This role involves securing Java-based systems and ensuring compliance with data protection regulations. The ideal candidate will have a strong background in Java development, cybersecurity, and secure application architecture.

Responsibilities:

Design and implement security solutions for Java-based applications.
Secure applications, microservices, APIs, and databases against vulnerabilities.
Perform static (SAST) and dynamic (DAST) security testing.
Perform quarterly Vulnerability Scans and annual Penetration Test.
Manage application dependencies and vulnerabilities within established SLAs.
Implement and support authentication (OAuth, SAML), authorization (RBAC), and encryption.
Integrate security into the CI/CD pipeline to automate security testing and compliance checks.
Monitor, analyze, and respond to security incidents and security questionnaires.
Manage Data for security monitoring, compliance automation, and audit readiness.
Ensure compliance with data protection regulations (GDPR, CCPA, HIPAA) and security frameworks (ISO 27001, NIST, SOC 2).
Collaborate with development teams to enforce secure coding best practices via code reviews.
Work with Spring Security to enforce access controls and secure distributed applications.
Maintain and publish client’s Authorized Software List.
Stay updated on the latest security vulnerabilities affecting Java and Spring ecosystems.

Requirements:

Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Strong Java development experience, with proficiency in Spring Boot and Spring Security.
Experience with secure coding practices (OWASP Top 10, CWE, etc.).
Hands-on experience with security tools such as SonarQube and Snyk.
Knowledge of encryption techniques (AES, RSA), authentication protocols (OAuth, OpenID Connect), and API security.
Experience with cloud security best practices (AWS, Azure, or GCP).

Preferred:

Certifications such as CISSP, CEH, CSSLP, or AWS Security are a plus.
Experience securing microservices architectures and containerized applications (Docker, Kubernetes).
Familiarity with IAM (Identity & Access Management) solutions and database security.
Knowledge of log management, SIEM solutions, and intrusion detection.
Understanding of Spring Cloud Security, API Gateway security, and service mesh security.
Strong analytical and problem-solving skills.