Job description

Key Responsibilities: • Onboard projects and development teams onto the Veracode SAST platform. • Configure application profiles, policies, and automated scans. • Review scan results, triage findings, and verify false-positive rejections. • Partner with developers to remediate vulnerabilities and re-run scans. • Maintain dashboards and compliance reports for AppSec governance. • Collaborate with the Tenable platform team to ensure findings integrate into enterprise vulnerability reporting. • Provide secure-coding guidance and developer enablement sessions. Skills & Experience • 4 8 years in Application Security or Secure Software Development. • Hands-on with Veracode SAST (onboarding, policy scan setup, IDE integration). • Strong knowledge of OWASP Top 10 and secure-coding principles. • Ability to validate false positives using code review and regex-based rules. • Exposure to Java, .NET, Python, or JavaScript applications. • Experience with CI/CD tools (Jenkins, Azure DevOps, GitHub Actions). • Excellent communication and cross-team collaboration skills. Preferred Certifications : Veracode Certified Engineer (SAST) / Security+ / OWASP member.

Requirements