Adroit Innovative Solutions
Job Title: Security Engineer – SAST & SCA (Application Security)
Location: San Jose, CA (5 Days Onsite)
We are actively hiring an experienced Security Engineer with expertise in Application Security (AppSec), Static Application Security Testing (SAST), Software Composition Analysis (SCA), and DevSecOps. This is an excellent opportunity to work with development teams to build secure applications and integrate security throughout the SDLC.
Required Skills
- 10+ years of experience in Application Security, DevSecOps, or Secure Software Development.
- Hands-on experience with SAST tools: Checkmarx, Fortify, Veracode, CodeQL
- Experience with SCA tools: Snyk, Black Duck, Mend (WhiteSource), Sonatype, Dependabot
- Strong understanding of: OWASP Top 10
- Secure Coding Practices, Vulnerability Management, CVSS Scoring
- Experience integrating security into: GitHub, GitLab, Azure DevOps, Jenkins, CI/CD Pipelines
- Scripting knowledge in Python, Bash, or PowerShell.
- Experience with Jira or similar ticketing tools.
Preferred Skills:
SBOM (CycloneDX, SPDX)
Container Security
Dependency Scanning
Cloud Application Security
Infrastructure as Code (Terraform Security)CSSLP, GWAPT, or OSCP certifications are required.
Responsibilities
- Perform Static Application Security Testing (SAST) and Software Composition Analysis (SCA).
- Identify, prioritize, and remediate vulnerabilities in applications and open-source software.
- Integrate security into CI/CD pipelines and developer workflows.
- Automate security scans, reporting, and vulnerability tracking.
- Partner with engineering teams to promote secure coding practices.
- Support compliance initiatives including ISO and SOC2
📧 Interested candidates, please share your updated resume along with your work authorization and current location.
Contact: Sana Parikshith
📧 sana.p@adroitinnovative.com
📞 469-827-7611
To apply for this job email your details to sana.p@adroitinnovative.com