Sr. Node.js Engineer - R01557229
About Brillio:
Brillio is one of the fastest growing digital technology service providers and a partner of choice for many Fortune 1000 companies seeking to turn disruption into a competitive advantage through innovative digital adoption. Brillio, renowned for its world-class professionals, referred to as "Brillians", distinguishes itself through their capacity to seamlessly integrate cutting-edge digital and design thinking skills with an unwavering dedication to client satisfaction.
Brillio takes pride in its status as an employer of choice, consistently attracting the most exceptional and talented individuals due to its unwavering emphasis on contemporary, groundbreaking technologies, and exclusive digital projects. Brillio's relentless commitment to providing an exceptional experience to its Brillians and nurturing their full potential consistently garners them the Great Place to Work® certification year after year.
Consultant
Primary Skills
TypeScript, Jenkins, NodeJS, NestJS, CI/CD Pipeline, Oracle RDBMS, Mongo, Kafka, Docker, Jest, Express JS, Kubernetes
Job requirements
About the Role
· We are looking for a skilled Node.js Engineer with a strong foundation in application security and secure coding practices. The primary focus of this role is to identify, analyze, and fix vulnerabilities within our existing Node.js applications.
· You will collaborate with our InfoSec, architecture, and DevOps teams to remediate security gaps, refactor insecure code, and strengthen the overall security posture of our products.
Key Responsibilities
· Identify, triage, and remediate vulnerabilities detected through SAST, DAST, and dependency scanning tools (e.g., Snyk, SonarQube, Checkmarx, OWASP ZAP).
· Apply secure coding principles and implement fixes for issues like XSS, CSRF, SQL Injection, SSRF, and command injection.
· Refactor and harden existing Node.js/Express.js APIs for improved security and performance.
· Update and manage dependencies to address known vulnerabilities using npm audit, Snyk, or similar tools.
· Collaborate with the Security and QA teams to validate patches and verify that vulnerabilities have been fully resolved.
· Improve CI/CD pipelines to automate vulnerability scans and security checks.
· Document changes, maintain audit trails, and support re-scans for post-fix validation.
· Stay updated with Node.js security advisories, OWASP Top 10, and emerging threats.
Required Skills
· Strong proficiency in Node.js, Express.js, and JavaScript/TypeScript.
· Experience with REST APIs, OAuth2/JWT, and secure session management.
· Deep understanding of web application vulnerabilities and mitigation strategies.
· Familiarity with Docker security, Linux hardening, and AWS cloud environments.
· Hands-on experience integrating security scans into CI/CD pipelines (Jenkins, GitHub Actions).
Preferred Qualifications
· Exposure to microservices architecture and API gateway security.
· Knowledge of OWASP ASVS, CWE standards, or threat modeling frameworks.
· Familiarity with DevSecOps practices.
· Security-related certifications (e.g., CEH, CSSLP, OWASP Practitioner) are a plus.
Soft Skills
· Excellent problem-solving and debugging skills.
· Strong collaboration with cross-functional engineering and InfoSec teams.
· Proactive and detail-oriented mindset focused on secure and scalable code.
Know more about Brillio: https://www.brillio.com/join-us/
PPE: https://www.brillio.com/platform-and-product-engineering/
Equal Employment Opportunity Declaration
Brillio is an equal opportunity employer to all, regardless of age, ancestry, colour, disability (mental and physical), exercising the right to family care and medical leave, gender, gender expression, gender identity, genetic information, marital status, medical condition, military or veteran status, national origin, political affiliation, race, religious creed, sex (includes pregnancy, childbirth, breastfeeding, and related medical conditions), and sexual orientation.
Salary: 65-70 USD per hour