Software Developer Senior Engineer - Java & Cloud Engineering

• Application Infrastructure Security

• Lead secure coding practices and integrate

  SAST

  ,

  DAST

  ,

  Penetration Testing

  , and

  vulnerability scanning

  into the development lifecycle.
• Analyze and remediate findings from tools like

  SpotBugs

  ,

  Polaris Synopsys

  ,

  Acunetix

  , and custom security assessments.

• Threat Modeling Risk Mitigation

• Perform threat modeling, assess security risks including

  SQL injection

  ,

  XSS

  , CSRF, and privilege escalation.
• Guide teams on secure implementation patterns and anti-patterns.

• Cloud Container Security

• Harden

  Docker

  ,

  Kubernetes

  , and SaaS infrastructure for multi-tenant, secure-by-design deployments.
• Implement policies for image scanning, secrets management, network segmentation, and runtime security.

• Security Automation DevSecOps

• Automate security checks in CI/CD pipelines using tools like

  GitLab CI

  ,

  Jenkins

  ,

  SonarQube

  , etc.
• Promote Infrastructure as Code (IaC) security and integrate tools for Terraform/Helm validations.

• Governance Compliance

• Define and enforce security standards aligned with

  OWASP

  ,

  CIS Benchmarks

  , and industry best practices.
• Maintain documentation and assist with security audits and compliance requirements.

• Mentoring Collaboration

• Mentor engineers on secure design, coding, and deployment practices.
• Collaborate with product owners and engineering managers to drive secure feature development.
• Champion end-to-end test suites, including integration tests against multiple plugin types and configure post-deployment test execution.

• Trouble shooting:

• Integrate and troubleshoot SAML- and LDAP-based authentication mechanisms and replicated customer setups.
• Configure and manage network access rules, including port whitelisting, firewall exceptions, proxy settings, authentication endpoints and troubleshooting other networking issues.

• 9+ years of experience in

  application security

  ,

  DevSecOps

  , or

  cloud security

  within enterprise Java environments.

• Proficient in using Core Java, J2EE, JDBC, Spring MVC, Spring Boot, Restful Web Services.

• Proficiency in JavaScript, HTML, and CSS.
• Experience with at least one major JavaScript framework (e.g., React, Angular, Vue.js).
• Strong knowledge of

  penetration testing

  ,

  static/dynamic analysis

  , and tools like

  SpotBugs

  ,

  Polaris

  ,

  Acunetix

  ,

  OWASP ZAP

  , etc.
• Expertise in secure coding, vulnerability assessment, and remediating common issues like

  SQL injection

  ,

  XSS

  , and

  insecure deserialization

  .
• Hands-on experience with

  Docker

  ,

  Kubernetes

  ,

  Helm

  , and cloud-native security tooling.
• Familiarity with SaaS security concerns: multi-tenancy, access isolation, data encryption, and secure APIs.
• Experience integrating security into CI/CD pipelines and using GitOps principles.

Preferred Qualifications

• Certifications such as

  OSCP

  ,

  CEH

  ,

  CISSP

  , or

  CKS (Certified Kubernetes Security Specialist)

  .
• Prior experience with

  security automation

  ,

  policy-as-code

  , or

  container scanning platforms

  (e.g., Trivy, Aqua, Prisma).
• Knowledge of

  threat modeling frameworks

  (e.g., STRIDE) and secure architecture principles.
• Exposure to Gen AI tools for secure code analysis, vulnerability triaging, or automated documentation.

What We Offer

• Opportunity to influence product direction and architecture.
• A collaborative and learning-focused environment.
• Access to modern tools and Gen AI platforms.
• Competitive salary and performance bonuses
• Health insurance
• Hybrid work model

Company Overview

data governance, cybersecurity, and platform modernization

Why Quest

At Quest, your work makes an impact. You ll help organizations get AI-ready while building your career with a global team of innovators. We offer:

• Competitive pay, annual bonuses, and top-performer recognition.
• Comprehensive health, family, and retirement benefits.
• Flexible work options, generous PTO, and wellness programs.
• Professional growth through learning platforms, mentorship, and leadership programs.
• Inclusive teams that reflect the world we serve, supported by Employee Resource Groups and our Equality Inclusion Council.

Quest is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: Quest is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment

free of discrimination and harassment. All employment decisions at Quest are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex

(including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or

genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Quest will not tolerate discrimination or harassment based on any of these characteristics. Quest

encourages applicants of all ages.

Come join us. For more information, visit us on the web at Quest Careers | Innovate. Collaborate. Grow.

Job seekers should be aware of fraudulent job offers from online scammers and only apply to roles listed on quest.com/careers using our applicant system. Note: We do not use text messaging or third-party messaging apps like Telegram to communicate with applicants, so please exercise caution if you are approached in this way and only interact with people claiming to be Quest employees if they have an email address ending in @quest.com. You can report job scams to the FTC (ReportFraud.ftc.gov) or your state attorney general.

#LI-SR1