Job Description
Position Responsibilities
- Perform code scanning, validation, tuning, and optimization using SAST, DAST, and SCA tools (e.g., Snyk, Burp Suite, SonarQube, Veracode, and Checkmarx) to ensure accurate, prioritized, and actionable remediation results.
- Conduct penetration testing, code scanning, secrets management (GitGuardian), and threat modeling for business applications to determine risk ratings and prioritize the vulnerabilities discovered along with the organization’s remediation timelines.
- Execute intake, triage, analysis, and reporting procedures for security assessments.
- Experience working with code repositories such as GitHub and with CI/CD pipelines in Azure DevOps.
- Coordinate assessment and risk analysis activities, evaluate governance processes, and recommend improvement opportunities.
- Support the establishment, development, and maintenance of risk governance frameworks, risk assessment methodologies, risk met...