Jobs via Dice
Application Security Engineer Veracode SAST - Fulltime role
Jobs via Dice, Charlotte, North Carolina, United States, 28245
FTE only. 5 days in office. Location: Charlotte, Raleigh, Birmingham, Memphis.
Role Purpose
The engineer operationalizes Veracode Static Application Security Testing (SAST) across development teams, coordinates scans, validates false positives, and guides developers to remediate vulnerabilities and meet policy SLAs.
Key Responsibilities
Onboard projects and development teams onto the Veracode SAST platform.
Configure application profiles, policies, and automated scans.
Review scan results, triage findings, and verify false-positive rejections.
Partner with developers to remediate vulnerabilities and re-run scans.
Maintain dashboards and compliance reports for AppSec governance.
Collaborate with the Tenable platform team to ensure findings integrate into enterprise vulnerability reporting.
Provide secure-coding guidance and developer enablement sessions.
Skills & Experience
48 years in Application Security or Secure Software Development.
Hands-on with Veracode SAST (onboarding, policy scan setup, IDE integration).
Strong knowledge of OWASP Top 10 and secure-coding principles.
Ability to validate false positives using code review and regex-based rules.
Experience with Java, .NET, Python, or JavaScript applications.
Experience with CI/CD tools (Jenkins, Azure DevOps, GitHub Actions).
Excellent communication and cross-team collaboration skills.
Preferred Certifications
Veracode Certified Engineer (SAST) / Security+ / OWASP member.
Additional Skill Requirements
Strong understanding of application security principles, OWASP Top 10, and SDLC best practices.
Experience in resolving vulnerabilities using at least one programming language such as Java or .NET.
Prior development experience using at least one technology stack (Java, .NET, or equivalent).
Ability to analyze and provide secure coding recommendations based on real application scenarios.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology