Node JS Developer (Lead) with skills Open Source Development, Ruby, JavaScript Development for location Any Infogain Base Location (Noida, Gurugram, Bangalore, Mumbai, Pune)
ROLES & RESPONSIBILITIES
Vulnerability Remediation Engineer ( Ruby and Clojure )
We are seeking a highly skilled professional to manage and remediate vulnerabilities in both Ruby and Clojure applications. The ideal candidate will have experience in leveraging reports from GitHub Advanced Security, SCA/SAST tools, use dependency management frameworks, and the ability to apply secure coding practices for both Ruby and Clojure ecosystems.
Key Responsibilities
Analyze Vulnerabilities reported in Ruby and Clojure applications
Review reports from various tools including Github Advance security, Brakeman, Snyk, lein-nvd
Analyze existing reports to prioritize fixes such that maximum issues are tackled
Remediation, Management and Automate of Dependencies:
Manually or automatically update dependencies with Dependabot, Bundler, RoboCop, Synvert, Transpec or similar
Enable automated testing with RSpec, Capybara, test.check, Clojure,test or similar for Dependabot updates to validate compatibility with the codebase, reducing dependency-related risks.
Implement and Enhance Shift-Left Practices in CI/CD:
Create workflows that allow low-risk updates (such as minor dependency upgrades) to merge automatically when all tests pass, speeding up development cycles.
Support Developer Enablement and Education:
Host sessions on secure coding and using automation tools to build secure applications, encouraging a culture of proactive security in development.
Develop and share documentation that simplifies the use of security tools, helping developers understand dependency and vulnerability management basics.
Collaborate on CI/CD Optimization and Automation:
Set up monitoring and automated reporting for key metrics, such as dependency update success rates, time-to-fix vulnerabilities, and code quality trends.
Identify and implement automation opportunities to further streamline code quality and dependency management across development cycles.
Qualifications
Must Have Skills:
Experience with GitHub advance security, Brakeman, Snyk, lein-nvd
Experience with Ruby gems management with Bundle, Dependabot, Leiningen
Knowledge of OWASP Top10, Sonar, ZAP
5+ years in Ruby development, with exposure to dependency management and vulnerability remediation
Proven experience in managing dependencies, security updates, and automated PRs within GitHub or similar version control systems
Good to have Skills:
Experience with Clojure development and vulnerability remediation
Expertise with tools such as antq, depsy, cljfmt, clj-kondo
2+ years in Clojure development, with exposure to dependency management and vulnerability remediation
Soft Skills:
Excellent communication skills to collaborate effectively with development, DevOps, and QA teams.
Ability to advocate for and drive shift-left practices, enabling teams to adopt security and quality checks early in the development lifecycle.
Problem-solving skills with a focus on creating scalable, maintainable solutions that support a proactive DevOps environment.
EXPERIENCE
- 11-12 Years
SKILLS
- Primary Skill: Open Source Development
- Sub Skill(s): Open Source Development
- Additional Skill(s): Ruby, JavaScript Development
ABOUT THE COMPANY
Infogain is a human-centered digital platform and software engineering company based out of Silicon Valley. We engineer business outcomes for Fortune 500 companies and digital natives in the technology, healthcare, insurance, travel, telecom, and retail & CPG industries using technologies such as cloud, microservices, automation, IoT, and artificial intelligence. We accelerate experience-led transformation in the delivery of digital platforms. Infogain is also a Microsoft (NASDAQ: MSFT) Gold Partner and Azure Expert Managed Services Provider (MSP).
Infogain, an Apax Funds portfolio company, has offices in California, Washington, Texas, the UK, the UAE, and Singapore, with delivery centers in Seattle, Houston, Austin, Kraków, Noida, Gurgaon, Mumbai, Pune, and Bengaluru.