




**Job Summary:** Senior professional for library updates, vulnerability mitigation, and impact analysis in Java/JVM, with a focus on dependency management.

**Key Highlights:**

1. Library updates and vulnerability mitigation.
2. Impact analysis and Java/JVM expertise.
3. Experience in Dependency Management (Maven/Gradle).

* Client: Avantti Tecnologia
* Employment Model: CLT \+ Benefits
* Work Mode: 100% Remote
* Experience Level: Senior

**Responsibilities:**

* Library updates: patch legacy libraries by modifying pom.xml to use secure versions.
* Transitive vulnerability mitigation: resolve security issues in dependencies brought in indirectly by other libraries.
* Impact analysis: assess whether updating a library may cause breaking changes in existing code.

**Requirements:**

* **Java/JVM expertise:** deep knowledge of the platform, including library loading and manifestation of vulnerabilities such as code injection and insecure deserialization.
* **Experience in Dependency Management (Maven/Gradle):** analysis of dependency tree (mvn dependency:tree), identification of transitive dependencies, use of \ to force versions, and exclusion of vulnerable libraries.

**Preferred Qualifications:**

* Experience as an AppSec Engineer or Java Security Analyst.
* Experience as a Senior Java Backend Developer with a focus on DevSecOps.


