Java Developer

Contract Application & Cloud Security Engineer (Java / DevSecOps)

Location: Alpharetta - hybrid (onsite 3 day/week)

Role Overview

Our client is looking for a hands-on Application & Cloud Security Engineer with strong Java and cloud experience to support vulnerability remediation, secure coding, and DevSecOps enablement. This role is focused on fixing security issues, not just identifying them. The ideal candidate is a security engineer first, with the ability to work directly in Java codebases, CI/CD pipelines, containers, and cloud environments to reduce risk across modern, cloud-hosted applications.

What You'll Do

• Remediate security vulnerabilities in Java / J2EE applications deployed in cloud environments
• Analyze and fix findings from SAST, DAST, SCA, container, and cloud security scans
• Address OWASP Top 10, CVEs, dependency vulnerabilities, and misconfigurations
• Harden applications: authentication, authorization, API security, encryption, secrets management
• Embed security into CI/CD pipelines (GitHub or GitLab) with scans and quality gates
• Partner with DevOps teams on container security (Docker) and runtime hardening
• Review cloud configurations (AWS and/or Azure) and remediate security gaps
• Support patching, upgrades, and vulnerability SLAs
• Assist with incident triage, root cause analysis, and security defect resolution
• Clearly document fixes, risks, and remediation guidance

Required Skills

Security & Cloud

• Strong background in application security and vulnerability remediation
• Hands-on experience securing applications in AWS and/or Azure
• Knowledge of IAM, network security, secrets management, logging, monitoring
• Familiarity with OWASP Top 10, CVEs, secure coding standards
• Experience working in DevSecOps or Cloud Security environments

Java & Engineering

• Strong hands-on experience with Java 8+ and Java 21
• Solid experience with Spring Boot / Spring Framework (Security, MVC, Data)
• Experience securing REST and SOAP APIs
• Experience with Tomcat or JBoss
• Understanding of secure system design and architecture

DevSecOps & Tooling

• Experience integrating security into CI/CD pipelines (GitHub or GitLab)
• Hands-on exposure to Docker container security
• Experience with JUnit, Mockito, and security-focused testing
• Working knowledge of SQL and database security
• Experience working with SNYK, Dependabot, Wiz

Bonus

• Exposure to Node.js, TypeScript (security perspective)
• Kafka, Redis, or distributed systems security
• Kubernetes security concepts
• Compliance or regulated environment experience

What We're Looking For

• Security-focused engineer, not a general backend developer
• Strong remediation mindset—able to fix issues, not just report them
• Able to ramp up quickly in a contract role
• Comfortable working independently and delivering against timelines
• Strong communication and documentation skills

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran