Responsibilities:
- Perform source code reviews (manual + automated) across diverse technologies.
- Utilize tools like Checkmarx, SonarQube, Fortify, or Veracode for SAST analysis.
- Identify, prioritize, and report security vulnerabilities with actionable remediation guidance.
- Collaborate with developers, architects, and security teams to improve secure coding practices.
- Contribute to Secure SDLC and DevSecOps initiatives.
- Stay updated on OWASP Top 10, SANS25, CWE, and emerging threats.
Requirements:
- 5-6 years of experience in application security & source code review.
- Proficiency in multiple programming languages (Java, .NET, Python, JavaScript, C/C++).
- Strong hands-on experience with Checkmarx, SonarQube.
- Good knowledge of SAST, DAST, vulnerability assessment, penetration testing.
- Relevant certifications (CEH, OSCP, SANS25, LPT, CEPT, ISTQB Foundation or Advanced) preferred.
Skills:
- Source Code Review
- Multiple Languages
- Checkmarx
- SonarQube
- Certifications (CEH/OSCP/SANS25/LPT/CEPT)
Industry Type: IT / Cyber Security
Department: Engineering – Software and QA
Role Category: Quality Assurance and Testing
Education:
- UG: B.Tech/B.E. in Any Specialization
- PG: Any Postgraduate
Key Skills:
- Code Review
- Python
- OSCP
- CEH
- Vulnerability Assessment
- Programming Languages
- JavaScript
- DAST
- Java Application Security
- Penetration Testing
- SAST
- DevSecOps
- SSDLC Programming