2

Remote Junior Web Developer Jobs in Vermont (NOW HIRING)

Dynamis is seeking a Junior Open-Source Intelligence Analyst to support Immigration and Customs ... Review web tips received online to identify possible allegations and specific actionable ...

Senior Project Engineer

Burlington, VT ยท Remote

$97K - $127K/yr

The work model for this role is: Remote {#LI-Remote} This role is contributing to the ... Ability to lead and mentor junior engineers in high-pressure situations. * Comfortable with up to ...

Remote Junior Web Developer information

See Vermont salary details

$31.9K

$84.3K

$124.9K

How much do remote junior web developer jobs pay per year?

As of Jul 15, 2026, the average yearly pay for remote junior web developer in Vermont is $84,256.00, according to ZipRecruiter salary data. Most workers in this role earn between $58,500.00 and $84,500.00 per year, depending on experience, location, and employer.

What are common challenges faced by remote junior web developers and how can they be overcome?

Remote junior web developers often face challenges such as limited opportunities for direct mentorship, difficulty staying connected with their team, and managing time effectively without in-person supervision. To overcome these challenges, it's important to proactively seek feedback, participate in virtual team meetings, and utilize collaboration tools like Slack or GitHub. Building a routine, setting clear goals, and reaching out to colleagues for support can help enhance productivity and foster professional growth, even in a remote environment.

What Does a Remote Junior Web Developer Do?

A remote junior web developer works with a team of developers to create new applications and websites. Unlike in-house web developers, remote junior web developers work from home or another location outside of the office. Remote junior web developers may occasionally attend meetings with clients to determine web design preferences or advise clients in-person about application maintenance, but they do the majority of their work remotely. The junior designation means you work under the supervision of upper-level developers in your department. But you still need to follow company protocols, federal regulations, and user needs when working on each project.

What does a Remote Junior Web Developer do?

A Remote Junior Web Developer is an entry-level professional who assists in building and maintaining websites or web applications while working from a remote location. Their tasks often include writing and debugging code, collaborating with team members via digital tools, and learning new technologies under the guidance of more experienced developers. They typically use languages like HTML, CSS, JavaScript, and may work with frameworks or content management systems. The role emphasizes continuous learning and adapting to new web development trends.

What are the key skills and qualifications needed to thrive as a Remote Junior Web Developer, and why are they important?

To thrive as a Remote Junior Web Developer, you need a solid understanding of HTML, CSS, JavaScript, and basic programming concepts, often supported by a relevant degree or coding bootcamp experience. Familiarity with version control systems like Git, basic knowledge of frameworks (such as React or Angular), and experience using collaborative tools like GitHub are typically required. Strong problem-solving skills, self-motivation, and effective written communication help you collaborate and learn in a remote environment. These skills ensure that you can build functional web applications, contribute to team projects, and adapt to the demands of remote work settings.

What is the difference between Remote Junior Web Developer vs Remote Front-End Developer?

AspectRemote Junior Web DeveloperRemote Front-End Developer
Required SkillsBasic HTML, CSS, JavaScriptHTML, CSS, JavaScript, frameworks like React or Angular
Experience LevelEntry-level, 0-1 yearJunior to mid-level, 1-3 years
Work EnvironmentRemote, team collaborationRemote, often client-facing or project-specific
Common UsageEntry-level web development rolesSpecialized front-end development tasks

The main difference is that a Remote Junior Web Developer typically has foundational skills in web development and is entry-level, while a Remote Front-End Developer focuses more on front-end technologies and may have more experience. Both roles are remote and industry-standard, but the Front-End Developer role often requires familiarity with specific frameworks and more advanced front-end skills.

What are the most commonly searched types of Remote Web Developer jobs in Vermont? The most popular types of Remote Web Developer jobs in Vermont are:
What are popular job titles related to Remote Junior Web Developer jobs in Vermont? For Remote Junior Web Developer jobs in Vermont, the most frequently searched job titles are:
What job categories do people searching Remote Junior Web Developer jobs in Vermont look for? The top searched job categories for Remote Junior Web Developer jobs in Vermont are:
What cities in Vermont are hiring for Remote Junior Web Developer jobs? Cities in Vermont with the most Remote Junior Web Developer job openings:
Infographic showing various Remote Junior Web Developer job openings in Vermont as of July 2026, with employment types broken down into 87% Full Time, and 13% Part Time. Highlights an 100% Remote job distribution, with an average salary of $84,256 per year, or $40.5 per hour.
Senior Security Engineer

Senior Security Engineer

Mach7 Technologies

Burlington, VT โ€ข Remote

Full-time

Posted 2 days ago

New


Job description

Title: Senior Security Engineer

Team: Engineering

Location: Remote-Friendly

About the Role:

We're looking for a Senior Security Engineer to lead application security efforts across our product portfolio, spanning web applications, APIs, mobile, embedded software, and shipped product deliverables. You'll be embedded in the engineering organization, partnering with product and platform teams to bake security into every phase of the software development lifecycle, not bolt it on at the end.


A critical part of this role is developing and maintaining a deep understanding of our product attack surface, how components interact, what's exposed, and where real risk lives. That understanding is what transforms security tooling output into prioritized, meaningful action across threat modeling, vulnerability management, and supply chain risk.


This is a high-impact role for someone who is equally comfortable reading source code, threat modeling a new microservice, and coaching a developer through a secure code review.





















What You'll Do

Application Security & Secure SDLC

  • Own and evolve the AppSec program across the entire SDLC โ€” from design reviews to post-deployment monitoring โ€” for web, API, mobile, and shipped product deliverables
  • Build and maintain a living model of the product attack surface โ€” mapping trust boundaries, data flows, exposed interfaces, and high-value targets โ€” and use it to drive prioritization across all security workstreams
  • Conduct threat modeling and architecture security reviews for new features, services, and product releases across all delivery channels
  • Perform manual and automated secure code reviews across multiple languages (e.g. Python, Go, TypeScript, C/C++)
  • Integrate and tune SAST, DAST, and SCA tooling within CI/CD pipelines (GitHub Actions, Jenkins, or equivalent)
  • Triage and drive remediation of vulnerabilities surfaced through scanning, bug bounty, and pen tests
  • Develop and maintain a library of security standards, patterns, and guardrails applicable across product types

Third-Party & Supply Chain Security

  • Own the Software Bill of Materials (SBOM) program โ€” define generation, storage, and consumption processes across all product lines
  • Establish and maintain policies for evaluating, onboarding, and continuously monitoring third-party dependencies and open-source components
  • Triage and prioritize CVEs and license risks surfaced through SCA tooling, driving timely remediation with engineering teams
  • Define processes for responding to upstream supply chain incidents (e.g. compromised packages, malicious dependencies)
  • Collaborate with procurement and legal to assess security risk of third-party vendors and integrations
  • Contribute to industry frameworks and internal standards around software supply chain security (SLSA, NIST SSDF, or equivalent)
  • Act as a trusted security advisor embedded within product engineering squads
  • Lead security training, lunch-and-learns, and developer education initiatives
  • Collaborate with the Platform team on secrets management, identity, and access controls
  • Work with the GRC function to translate compliance requirements (SOC 2, ISO 27001) into engineering controls

Incident & Vulnerability Management

  • Participate in the security on-call rotation and lead security incident response investigations
  • Drive root cause analysis and communicate findings clearly to engineering leadership
  • Build and maintain metrics and dashboards to track the health of the AppSec program
  • Participate as a member of the Cybersecurity council, representing development in the organization. Report weekly on new threat intelligence as it relates to product security, and any actions that are being taken to remediate new findings.
What We're Looking For
Required

ยท 5+ years of experience in security engineering, with a strong AppSec focus

ยท Hands-on experience with threat modeling frameworks (STRIDE, PASTA, or similar)

ยท Proficiency with common AppSec tooling: Semgrep, Snyk, Burp Suite, OWASP ZAP, or equivalents

ยท Deep understanding of web application vulnerabilities (OWASP Top 10, API security, auth/authz flaws)

ยท Ability to read and reason about code in at least two languages; prior development experience a plus

ยท Experience with software supply chain security โ€” SBOM generation and analysis (CycloneDX, SPDX), SCA tooling, and dependency risk management

ยท Strong written and verbal communication skills โ€” you can explain risk to both engineers and executives

Preferred

ยท Experience with cloud-native environments (AWS, GCP, or Azure) and container/Kubernetes security

ยท Familiarity with software supply chain frameworks such as SLSA, NIST SSDF, or OpenSSF Scorecards

ยท Contributions to open-source security tooling or security research

ยท Relevant certifications: OSCP, CSSLP, GWEB, or similar


We recognize that candidates bring diverse experiences and backgrounds. If you donโ€™t meet every requirement, we still encourage you to apply! Many strong candidates donโ€™t check every box. We value potential, growth, and impact as much as experience.


Who You Are

ยท Experienced security professional with a strong background in application security and secure software development.

ยท Skilled at threat modeling, secure code reviews, and identifying real-world risks across complex systems.

ยท Knowledgeable in web, API, mobile, and software supply chain security best practices.

ยท Comfortable working with developers to embed security throughout the SDLC.

ยท Proficient with security testing and vulnerability management tools, including SAST, DAST, and SCA solutions.

ยท Strong communicator who can translate technical risks into actionable recommendations.

ยท Collaborative, proactive, and driven to improve both product security and engineering security culture.

ยท Passionate about continuous learning, emerging threats, and helping teams build secure products at scale.


About Mach7:

Mach7 Technologies helps healthcare organizations bring all their medical images together in one place so they can be easily accessed, shared, and used to support patient care. Our enterprise imaging solutions, including a vendor-neutral archive (VNA), enterprise PACS, the eUnity enterprise diagnostic viewer, and teleradiology workflows, consolidate imaging from across the enterprise into a single, accessible source of truth. Built on open standards, including DICOM and a configurable HL7 engine, and free from proprietary data lock-in, our technology lets providers store, view, and share images on their own terms. The result is a simpler, more connected imaging environment that puts data ownership back where it belongs: with the people delivering care. Your data, your infrastructure, your choice.












AI Expectations

ยท Integrate AI into daily work โ€” leverage AI tools to enhance efficiency, elevate quality, and support smarter, faster decision-making.

ยท Apply critical human judgment to AI output โ€” review, validate, and take full accountability for AI-assisted work, ensuring accuracy and reliability.

ยท Continuously improve through AI โ€” proactively identify opportunities to optimize processes, rethink workflows, and challenge existing approaches rather than maintaining the status quo.

ยท Use AI responsibly and ethically โ€” safeguard sensitive information, adhere to company guidelines, and actively identify risks such as bias, inaccuracies, or misuse.

CLIMBS Culture Code

At Mach7, our culture is rooted in CLIMBS, a mindset that guides how we show up, collaborate, and grow each day. More than just a set of values, CLIMBS represents the standard we hold ourselves to and the way we approach our work, our teams, and our impact.

C โ€” Customer First
Every decision starts with the customerโ€™s perspective. Success = customer outcomes and satisfaction.

L โ€” Learn & Grow
Curiosity keeps us climbing. We embrace continuous learning, share knowledge freely, and invest in each otherโ€™s development.

I โ€” Innovate for Impact
We value meaningful, outcome-driven innovation over activity. We challenge the status quo and align behind real customer benefit.

M โ€” Minimize Complexity & Move
As complex as needed but no more. Agility beats bureaucracy. We move fast and stay focused on what matters.

B โ€” Build Good Sh*t
(Yes, intentionally memorable.) Extreme ownership, craftsmanship, and pride in high-quality work.

S โ€” Everyone Sells
Not just Salesโ€”Engineering, Product, Support, Finance, IT. We align behind commercial success to enable company success