. The ideal candidate will collaborate closely with development and DevOps teams to integrate security seamlessly into the CI/CD pipeline, identify and eliminate false positives, and drive vulnerability remediation across multiple business applications. Hands-on experience in
Snyk
or equivalent platforms will be a significant advantage.
Key Responsibilities:
Implement and maintain
SAST and SCA tools
within the CI/CD pipeline for continuous code scanning.
Analyze scan results, validate and triage false positives, and ensure accuracy of reported vulnerabilities.
Collaborate with development teams to guide and support remediation of security vulnerabilities.
Work with DevOps teams to automate security checks and streamline secure build and deployment processes.
Perform tool integrations
(Snyk, SonarQube, Checkmarx, or similar)
to improve visibility of the organization's security posture.
Provide technical guidance and training to developers on secure coding practices.
Participate in threat modeling, secure design discussions, and application architecture reviews.
Prepare and maintain documentation for processes, standards, and tool usage.
Required Skills & Experience:
5-8 years of experience in
Application Security
or
DevSecOps
domain.
Strong understanding of SAST and SCA tools (e.g., Checkmarx, Fortify, SonarQube, Snyk, or similar).
Proven ability to identify, analyze, and manage false positives effectively.
Good understanding of Secure SDLC and CI/CD environments.
Solid knowledge of web and API security concepts, OWASP Top 10, and secure coding standards.
Hands-on experience with DevOps tools such as Jenkins, GitLab, or Azure DevOps.
Excellent communication and collaboration skills to influence security adoption across teams.
Preferred / Nice to Have:
Experience using Snyk for open-source dependency management.
Exposure to container security, IaC scanning, or cloud-native security controls.
Security certifications such as CEH, OSCP, or CSSLP.
Job Type: Full-time
Pay: ₹300,000.00 - ₹500,000.00 per year
Application Question(s):
Can you join immediately?
What is your current CTC?
Experience:
DevSecOps: 5 years (Required)
Application Security: 5 years (Required)
Work Location: In person
Beware of fraud agents! do not pay money to get a job
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.