Jobs via Dice
Role Purpose
The engineer operationalizes Veracode Static Application Security Testing (SAST) across development teams, coordinates scans, validates false-positives, and guides developers to remediate vulnerabilities and meet policy SLAs.
Key Responsibilities
Onboard projects and development teams onto the Veracode SAST platform.
Configure application profiles, policies, and automated scans.
Review scan results, triage findings, and verify false-positive rejections.
Partner with developers to remediate vulnerabilities and re-run scans.
Maintain dashboards and compliance reports for AppSec governance.
Collaborate with the Tenable platform team to ensure findings integrate into enterprise vulnerability reporting.
Provide secure-coding guidance and developer enablement sessions.
Skills & Experience
4-8 years in Application Security or Secure Software Development.
Hands-on with Veracode SAST (onboarding, policy scan setup, IDE integration).
Strong knowledge of OWASP Top 10 and secure-coding principles.
Ability to validate false positives using code review and regex-based rules.
Exposure to Java, .NET, Python, or JavaScript applications.
Experience with CI/CD tools (Jenkins, Azure DevOps, GitHub Actions).
Excellent communication and cross-team collaboration skills.
Preferred Certifications Veracode Certified Engineer (SAST) / Security+ / OWASP member.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Software Development
#J-18808-Ljbffr
Key Responsibilities
Onboard projects and development teams onto the Veracode SAST platform.
Configure application profiles, policies, and automated scans.
Review scan results, triage findings, and verify false-positive rejections.
Partner with developers to remediate vulnerabilities and re-run scans.
Maintain dashboards and compliance reports for AppSec governance.
Collaborate with the Tenable platform team to ensure findings integrate into enterprise vulnerability reporting.
Provide secure-coding guidance and developer enablement sessions.
Skills & Experience
4-8 years in Application Security or Secure Software Development.
Hands-on with Veracode SAST (onboarding, policy scan setup, IDE integration).
Strong knowledge of OWASP Top 10 and secure-coding principles.
Ability to validate false positives using code review and regex-based rules.
Exposure to Java, .NET, Python, or JavaScript applications.
Experience with CI/CD tools (Jenkins, Azure DevOps, GitHub Actions).
Excellent communication and cross-team collaboration skills.
Preferred Certifications Veracode Certified Engineer (SAST) / Security+ / OWASP member.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Software Development
#J-18808-Ljbffr