CloudLinux is hiring a Java Security Researcher to join the Endless Lifecycle team. You will provide secure Java instrumentation for heterogeneous, Java-based environments by analyzing vulnerabilities, backporting patches, and fixing issues in open-source libraries and frameworks.
What You'll Do
- Analyze publicly disclosed vulnerabilities (CVEs) affecting Java open-source libraries and frameworks.
- Investigate and identify safe and compatible versions of third-party dependencies.
- Backport security patches from newer releases to older versions.
- Fix or mitigate vulnerabilities where no upstream patch exists.
- Write clean, maintainable, and well-documented code.
- Collaborate with other engineers and security specialists to deliver high-quality, production-ready updates.
What We're Looking For
- 3+ years of experience in software development.
- In-depth knowledge of Java Core.
- Experience with dependency management tools (Maven, Gradle).
- Experience with Git, Jenkins/Gitlab for CI/CD.
- Experience with legacy systems and maintaining backward compatibility.
Nice to Have
- Experience with repository management systems, such as Nexus.
Technical Stack
- Java, Maven, Gradle, Git, Jenkins, Gitlab, Nexus
Team & Environment
You will be working as part of the Endless Lifecycle team.
Benefits & Compensation
- A focus on professional development.
- Interesting and challenging projects.
- Fully remote work with flexible working hours, work from any location worldwide.
- Paid 24 days of vacation per year.
- 10 days of national holidays.
- Unlimited sick leaves.
- Compensation for private medical insurance.
- Co-working and gym/sports reimbursement.
- Budget for education.
- Opportunity to receive a reward for the most innovative idea that the company can patent.
Work Mode
This is a fully remote position open to candidates located worldwide.
CloudLinux is an equal opportunity employer.
