DeveloperJobs.io
← Back to all jobs

This position is no longer accepting applications

Closed on June 22, 2026.

NTT Ltd

Sr. Java Developer

Charlotte, NC Full time Posted 1mo ago
View similar jobs

Get alerted when similar jobs are posted — set up a Backend Developer jobs alert.

See other roles at NTT Ltd.

Job Description

NTT Ltd is seeking a Sr. Java Developer in Charlotte, North Carolina, with a primary focus on application security. This full-time hybrid role centers on building and maintaining secure Java/J2EE applications while partnering with security teams to remediate vulnerabilities.

Responsibilities

  • Architect, implement, and sustain secure Java/J2EE applications, aligning with enterprise security standards and best practices.
  • Detect and remediate vulnerabilities such as XSS, CSRF, session fixation, IDOR, and path traversal.
  • Conduct routine code reviews and security assessments to identify insecure patterns, code smells, and misconfigurations.
  • Coordinate with security teams to triage and resolve findings from vulnerability scans, penetration testing, and security audits.
  • Apply secure coding practices, including input validation, output encoding, and robust authentication and authorization.
  • Manage third-party libraries (Axios, jQuery, Ext.js), ensuring dependencies are up to date and free from vulnerabilities.
  • Configure web security controls such as CSP headers, HttpOnly/Secure/SameSite cookies, and cache directives.
  • Diagnose and fix issues related to HTTP errors, session management, and inconsistent application behavior.
  • Collaborate with frontend and backend teams to align validation across UI and server logic, reducing security gaps.
  • Evaluate and secure APIs, including TPP/Open Banking integrations, with proper authentication and data protection.
  • Participate in Agile ceremonies (sprint planning, standups, backlog grooming) to prioritize security and development tasks.
  • Document security fixes, technical designs, and remediation steps to support knowledge sharing and audits.
  • Support production releases, perform root cause analyses for incidents, and implement preventive measures.
  • Continuously monitor emerging threats and propose improvements to strengthen the application's security posture.

Requirements

  • At least five years of Java/J2EE development experience, including building and maintaining enterprise-grade web applications.
  • A minimum of three years hands-on experience in application security, addressing XSS, CSRF, IDOR, and session-related issues.
  • Three or more years working with web technologies (HTML, CSS, JavaScript) and libraries such as jQuery, Axios, or Ext.js.
  • Two or more years applying secure coding practices, including input validation, output encoding, and authentication/authorization mechanisms.
  • Two or more years with RESTful APIs and web services, focusing on API security and authentication/authorization.
  • Two or more years with application servers such as Apache Tomcat, WebLogic, or JBoss.
  • Two or more years using vulnerability management tools (Fortify, Checkmarx, Veracode, or similar SAST/DAST tools).
  • Two or more years debugging and resolving production issues, including HTTP errors and performance bottlenecks.
  • One or more years configuring security controls, including CSP headers, secure cookies, and cache control mechanisms.
  • One or more years working in Agile/Scrum environments, participating in sprint ceremonies and collaborative development.

Technologies

  • Java
  • Java/J2EE
  • HTML
  • CSS
  • JavaScript
  • jQuery
  • Axios
  • Ext.js
  • Apache Tomcat
  • WebLogic
  • JBoss
  • Fortify
  • Checkmarx
  • Veracode

Similar Jobs