Overview
Contract - W2
Contract - 25 day(s)
Skills
SAST
Checkmarx
SonarQube
Job Details
Employment Type: W2 Only (No C2C, C2H, or Third Party Vendor)
Job Title: SAST Engineer (Application Security)
Location: Charlotte, NC and New Jersey, NJ
Job Description:
We are seeking a hands-on SAST Engineer with strong expertise in Static Application Security Testing (SAST) tools. The ideal candidate will have practical experience configuring, tuning, and integrating SAST solutions within enterprise environments and CI/CD pipelines.
Responsibilities:
Implement, configure, and manage SAST tools such as Snyk, SonarQube, Veracode, Checkmarx, and CodeSonar.
Tune rules, policies, and workflows to improve accuracy and reduce false positives.
Integrate SAST tools into CI/CD pipelines for automated vulnerability detection.
Collaborate with development and DevSecOps teams to remediate code vulnerabilities.
Provide secure coding guidance and support adoption of secure SDLC practices.
Track, analyze, and report on vulnerabilities and remediation progress.
Required Skills:
Strong hands-on experience with 3 or more SAST tools:
- Snyk
- SonarQube
- Veracode
- Checkmarx
- GrammaTech CodeSonar
Strong understanding of application security concepts and OWASP Top 10.
Experience integrating SAST tools into DevSecOps pipelines.
Strong communication and collaboration skills to work with developers.
Nice to Have:
Experience with multiple programming languages (Java, C/C++, Python, .NET).
Prior experience in Application Security or DevSecOps roles.
Email: