Java Developer

Contract Application & Cloud Security Engineer (Java / DevSecOps)Location: Alpharetta - hybrid (onsite 3 day/week)Role OverviewOur client is looking for a hands-on Application & Cloud Security Engineer with strong Java and cloud experience to support vulnerability remediation, secure coding, and DevSecOps enablement . This role is focused on fixing security issues , not just identifying them.The ideal candidate is a security engineer first , with the ability to work directly in Java codebases, CI/CD pipelines, containers, and cloud environments to reduce risk across modern, cloud-hosted applications.What You'll DoRemediate security vulnerabilities in Java / J2EE applications deployed in cloud environmentsAnalyze and fix findings from SAST, DAST, SCA, container, and cloud security scansAddress OWASP Top 10, CVEs, dependency vulnerabilities, and misconfigurationsHarden applications: authentication, authorization, API security, encryption, secrets managementEmbed security into CI/CD pipelines (GitHub or GitLab) with scans and quality gatesPartner with DevOps teams on container security (Docker) and runtime hardeningReview cloud configurations (AWS and/or Azure) and remediate security gapsSupport patching, upgrades, and vulnerability SLAsAssist with incident triage, root cause analysis, and security defect resolutionClearly document fixes, risks, and remediation guidanceRequired SkillsSecurity & CloudStrong background in application security and vulnerability remediationHands-on experience securing applications in AWS and/or AzureKnowledge of IAM, network security, secrets management, logging, monitoringFamiliarity with OWASP Top 10, CVEs, secure coding standardsExperience working in DevSecOps or Cloud Security environmentsJava & EngineeringStrong hands-on experience with Java 8+ and Java 21Solid experience with Spring Boot / Spring Framework (Security, MVC, Data)Experience securing REST and SOAP APIsExperience with Tomcat or JBossUnderstanding of secure system design and architectureDevSecOps & ToolingExperience integrating security into CI/CD pipelines (GitHub or GitLab)Hands-on exposure to Docker container securityExperience with JUnit, Mockito , and security-focused testingWorking knowledge of SQL and database securityExperience working with SNYK, Dependabot, WizBonusExposure to Node.js, TypeScript (security perspective)Kafka, Redis, or distributed systems securityKubernetes security conceptsCompliance or regulated environment experienceWhat We're Looking ForSecurity-focused engineer , not a general backend developerStrong remediation mindset—able to fix issues, not just report themAble to ramp up quickly in a contract roleComfortable working independently and delivering against timelinesStrong communication and documentation skills"All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran"