Sr. Java Developer (Application Security / FTE / Hybrid / USC, GC, H4/L2 EAD)

Req ID: 370242\n\nNTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.\n\nWe are currently seeking a Sr. Java Developer (Application Security / FTE / Hybrid / USC, GC, H4/L2 EAD) to join our team in Charlotte, North Carolina (US-NC), United States (US).\n\n\"Please note that we are unable to consider candidates with active CPT, OPT, or OPT EAD status for this specific role.\"\n\nDay to Day job Duties: (what this person will do on a daily/weekly basis) \n \n\n\n\u2022 Design, develop, and maintain secure Java/J2EE-based applications, ensuring adherence to enterprise security standards and best practices \n\n\u2022 Identify, analyze, and remediate application security vulnerabilities such as XSS, CSRF, session fixation, IDOR, and path traversal issues \n\n\u2022 Perform regular code reviews and security assessments to detect code smells, insecure patterns, and misconfigurations \n\n\u2022 Collaborate with security teams to triage and resolve findings from vulnerability scans, penetration testing, and security audits \n\n\u2022 Implement secure coding practices, including input validation, output encoding, and proper authentication/authorization mechanisms \n\n\u2022 Update and manage third-party libraries (e.g., Axios, jQuery, Ext.js), ensuring no outdated or vulnerable versions are in use \n\n\u2022 Configure and enforce web security controls such as CSP headers, secure cookies (HttpOnly, Secure, SameSite), and cache directives \n\n\u2022 Debug and resolve issues related to HTTP errors (e.g., 500 errors), session management, and application behavior inconsistencies \n\n\u2022 Work closely with frontend and backend teams to ensure consistency in validation and prevent security gaps between UI and server-side logic \n\n\u2022 Analyze and secure APIs, including TPP/Open Banking integrations, ensuring proper authentication and data protection \n\n\u2022 Participate in sprint planning, daily stand-ups, and backlog grooming with Agile teams to prioritize security and development tasks \n\n\u2022 Document security fixes, technical designs, and remediation steps for knowledge sharing and audit readiness \n\n\u2022 Support production releases, perform root cause analysis for incidents, and implement preventive measures \n\n\u2022 Continuously research emerging security threats and recommend improvements to strengthen application security posture \n \n\n\nBasic Qualifications: \n\n \n\u2022 Minimum 5+ years of experience in Java/J2EE development, including building and maintaining enterprise-level web applications \n\n\u2022 At least 3+ years of hands-on experience in application security, including identifying and remediating vulnerabilities such as XSS, CSRF, IDOR, and session-related issues \n\n\u2022 Minimum 3+ years of experience with web technologies such as HTML, CSS, JavaScript, and frameworks/libraries like jQuery, Axios, or Ext.js \n\n\u2022 At least 2+ years of experience in secure coding practices, including input validation, output encoding, authentication, and authorization mechanisms \n\n\u2022 Minimum 2+ years of experience working with RESTful APIs and web services, including securing APIs and handling authentication/authorization \n\n\u2022 At least 2+ years of experience with application servers such as Apache Tomcat, WebLogic, or JBoss \n\u2022 Minimum 2+ years of experience in vulnerability management tools (e.g., Fortify, Checkmarx, Veracode, or similar SAST/DAST tools) \n\n\u2022 At least 2+ years of experience in debugging and resolving production issues, including HTTP errors and performance bottlenecks \n\n\u2022 Minimum 1+ year of experience with security configurations, including CSP headers, secure cookies (HttpOnly, Secure, SameSite), and cache control mechanisms \n\n\u2022 At least 1+ year of experience working in Agile/Scrum environments, participating in sprint ceremonies and collaborative development \n \n\n\nDegree: \n\nBachelors in Computer Science or equivalent work experience\n\n#LI-NorthAmerica\n\n#INDFSINS\n\nAbout NTT DATA\n\nNTT DATA is a $30 billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world\u0027s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. our consulting and Industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is a part of NTT Group, which invests over $3 billion each year in R\u0026D.\n\nWhenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client\u2019s needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us.\n\nNTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you\u0027d like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.\n