About the role
We are seeking a DevOps Engineer with expertise in vulnerability patching for Apache Struts and Spring Framework to enhance the security and stability of our applications. The ideal candidate will be responsible for identifying, assessing, and mitigating security vulnerabilities while ensuring system reliability and compliance with industry security standards.
Responsibilities:
Key Responsibilities:
Vulnerability Management: Identify, analyze, and remediate security vulnerabilities in Apache Struts and Spring Framework across production and development environments.
Patch Deployment: Apply patches, updates, and security fixes for Apache Struts and Spring Framework while ensuring application stability.
Automation & Scripting: Develop and maintain automation scripts (Bash, Shell Scripting, Python, Ansible) to streamline patching and deployment processes.
Configuration Management: Utilize Ansible, Terraform, Puppet, or Chef to enforce secure configurations and automate patch deployments.
CI/CD Pipeline Security: Ensure Struts and Spring updates are integrated into CI/CD pipelines (Jenkins, GitLab CI, Azure DevOps).
Monitoring & Compliance: Implement security monitoring tools to track vulnerabilities and ensure compliance with CIS, NIST, ISO 27001, and PCI-DSS.
Incident Response: Collaborate with security teams to address vulnerabilities, perform root cause analysis, and remediate security incidents.
Documentation & Reporting: Maintain accurate documentation of security patching activities, risk assessments, and compliance reports.
Requirements:
Required Skills & Experience:
xx years of experience in a DevOps, IT Security, or System Administration role.
Strong knowledge of Apache Struts and Spring Framework security vulnerabilities and patching methodologies.
Experience with Java application servers (Tomcat, WildFly, JBoss, WebLogic).
Proficiency in Linux administration (Ubuntu, RHEL, CentOS) and Windows Server.
Hands-on experience with patch management tools and security updates for Java-based applications.
Expertise in PowerShell, Bash, or Python scripting for automation.
Familiarity with vulnerability scanning tools (Nessus, Qualys, Tenable, Rapid7).
Experience working with Docker, Kubernetes, and cloud platforms (AWS, Azure, GCP).
Collaborate closely with Dev teams and work on remediation solutions by understanding application architecture.
Preferred Qualifications:
Certifications such as AWS Certified DevOps Engineer, RHCE, CKA (Certified Kubernetes Administrator), or CISSP.
Experience working in the telecom industry.
Prior experience with SIEM tools (Splunk, ELK, Datadog) for security monitoring.
Prior experience with endpoint security and system hardening.