Job ID: JOB_ID_2298
Role Overview
Han IT Staffing is seeking a highly skilled and dedicated Node JS Engineer specializing in Application Security Remediation and Automation. This is a critical hybrid role based in St. Louis, MO, or Dallas, TX, requiring three days of onsite collaboration per week. As a Senior Engineer, you will be at the forefront of securing our enterprise applications, focusing on identifying, triaging, and remediating complex vulnerabilities within Node.js and Java environments. This position is unique as it integrates cutting-edge Generative AI solutions, specifically AWS Bedrock, to streamline and accelerate security workflows and automation. The ideal candidate will possess a deep understanding of both software development and the security landscape, ensuring that our applications are resilient against modern threats.
Key Responsibilities
- Analyze and triage security vulnerabilities identified through industry-standard SAST, DAST, and SCA tools including SonarQube, Veracode, Snyk, and Checkmarx.
- Execute hands-on remediation of vulnerabilities within Java and Node.js codebases, addressing critical flaws such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and insecure deserialization.
- Refactor legacy code to align with modern secure coding standards and mitigate authentication and authorization flaws.
- Manage third-party dependency risks by patching and upgrading libraries using Maven and Gradle, ensuring post-remediation stability.
- Develop and enhance security automation workflows by leveraging Generative AI platforms like AWS Bedrock to create auto-remediation patterns.
- Integrate security validation and automated remediation steps directly into CI/CD pipelines to improve overall security velocity.
- Collaborate extensively with InfoSec, QA, DevOps, and broader engineering teams to maintain a robust security posture.
- Perform comprehensive secure code reviews and provide actionable guidance to development teams on OWASP Top 10 and CWE/SANS 25 risks.
- Configure and harden security settings for Spring Boot applications, REST APIs, and Tomcat-based deployments.
Technical Requirements
- Extensive experience in Core Java development and the Spring Boot framework.
- Deep proficiency in Node.js development with a focus on security configurations and remediation techniques.
- Proven track record in application vulnerability remediation and secure coding practices.
- Hands-on experience with security tooling such as Veracode, Checkmarx, or Snyk.
- Strong understanding of web security protocols, including OAuth2, JWT, and secure session management.
- Experience with containerization technologies like Docker and orchestration via Kubernetes.
- Familiarity with cloud-native security considerations and AWS infrastructure.
Preferred Qualifications
- Experience implementing GenAI tools like AWS Bedrock or Amazon CodeWhisperer for security automation.
- Advanced knowledge of Spring Security and infrastructure hardening.
- Relevant industry certifications such as CEH (Certified Ethical Hacker), CSSLP, or GSSP-Java.
- Experience with AWS services including Elastic Beanstalk, Lambda, CloudFront, and API Gateway.
Professional Development and Future Outlook
As we move into 2026, the integration of Artificial Intelligence into the Software Development Life Cycle (SDLC) is no longer optional—it is a necessity. This role is designed for a forward-thinking Node JS Engineer who wants to be at the intersection of software engineering and cybersecurity. You will not only be fixing bugs; you will be architecting the future of automated security. Our team provides continuous learning opportunities, specifically in the realm of AWS cloud security and Generative AI implementation. By working with AWS Bedrock and Step Functions, you will gain invaluable experience in building self-healing systems that can identify and patch vulnerabilities with minimal human intervention. This position offers a clear career path into Security Architecture or DevSecOps Leadership, making it an ideal choice for a professional looking to solidify their standing in the high-demand field of application security. We value local candidates in the St. Louis and Dallas areas who can contribute to our vibrant onsite culture three days a week.
Special Requirements
Hybrid 3 days onsite; Need Local Candidates; Security remediation domain; GenAI (AWS Bedrock) focus.
Compensation & Location
Salary: $145,000 – $195,000 per year (Estimated)
Location: St. Louis, MO
Recruiter / Company – Contact Information
Recruiter / Employer: Han IT Staffing
Email: krishnamohan@hanstaffing.com