Node Engineer with expertise in secure coding and vulnerability remediation at Brillio. Collaborate with InfoSec, QA, and DevOps to enhance application security.
Responsibilities
Analyze, triage, and remediate vulnerabilities identified via SAST, DAST, and software composition analysis tools such as SonarQube, Veracode, Snyk, and Checkmarx.
Refactor insecure Java and Node.js codebases to mitigate vulnerabilities such as SQL Injection, XXE, XSS, CSRF, Deserialization, and Authentication flaws.
Patch and upgrade vulnerable third-party dependencies using Maven/Gradle, and validate post-remediation effectiveness.
Leverage Generative AI tools (e.g., AWS Bedrock) to build or enhance automation workflows for:
Auto-remediation of common vulnerability patterns
Code recommendations and patch generation
AI-driven security analysis and triage assistance
Automate vulnerability remediation and validation within CI/CD pipelines, improving security velocity and reducing manual effort.
Strengthen security configurations in Spring Boot, REST APIs, Node.js services, and Tomcat-based deployments.
Perform secure code reviews, provide remediation guidance, and promote secure coding best practices across development teams.
Collaborate with InfoSec and DevOps teams to validate fixes, perform re-scans, and close vulnerability tickets.
Stay current on security advisories, OWASP Top 10, CWE/SANS Top 25, and Java/Tomcat ecosystem updates.
Requirements
6+ years of experience
Must have: Node.js, Java, vulnerability remediation, and security
Strong hands-on experience with Core Java, Spring Boot, Tomcat, and REST API development
Proficiency in secure coding principles and application vulnerability remediation
Experience remediating issues identified by tools like Veracode, Checkmarx, SonarQube, or Snyk
Knowledge of dependency management and patching practices using Maven or Gradle
Familiarity with Node.js security configurations and remediation techniques
Experience with OAuth2/JWT, input validation, encryption, and secure session management
Understanding of Docker, Kubernetes, and security considerations in cloud-native applications
Preferred: Experience with automating vulnerability remediation using GenAI platforms (e.g., AWS Bedrock, Amazon CodeWhisperer)
Exposure to DevSecOps pipelines, including automated security scans and policy enforcement
Strong understanding of Spring Security, secure API design, and infrastructure hardening
Certifications such as CEH, CSSLP, GSSP-Java, or similar are a plus.