DevSecOps Engineer - SAST/DAST

Description :

This role offers hands-on security work, continuous learning opportunities, and exposure across modern platforms. It suits someone who combines technical expertise with a strong growth mindset, a customer-first approach and an inclusive way of working.

Who You Are :

- Skilled in your domain with practical experience to demonstrate it.

- Motivated to learn, improve and evolve your capabilities.

- Focused on enabling teams and improving product security

- Collaborative and open in how you work across functions.

Required Skills and Experience :

- 4+ years of experience in cybersecurity.

- Strong understanding of network routing, switching, troubleshooting, load balancing and VPNs.

- Ability to configure and manage SCA scans in Prisma Cloud and Fortify.

- Integrate SCA scanning into CI/CD pipelines.

- Review results for open source dependency risks and third party libraries.

- Triage license, CVE and transitive dependency issues.

- Provide developers with remediation guidance.

- Monitor scan success and tool availability.

- Report metrics, support SBOM and map compliance to OSS policies.

- Track remediation SLAs, verify closures and escalate non-compliance.

Skills and Experience :

- Knowledge of cloud computing, cloud security architecture, hybrid and multi cloud setups.

- Familiarity with vulnerability scanning, application security, penetration testing, encryption, secure coding and identity management.

- Understanding of incident response, security operations, risk management and threat analysis.

- Experience with DevSecOps practices and security integration in agile pipelines.

- Awareness of emerging security trends such as AI in security, zero trust and secure remote access.

Tools :

- SAST : Microfocus Fortify

- DAST : WebInspect

- DevSecOps : Jenkins, JFrog, GitHub, Qualys