Sr. Associate, Cyber Sec Eng

Job Description: Sr. Associate, Cyber Sec Eng

Main tasks

• Support in the implementation, configuration and optimization of SAST and SCA tools throughout the SDLC.
• Refinement/optimization of rules, guidelines and onboarding frameworks for development teams.
• Support the integration of SAST and SCA into CI/CD pipelines to ensure minimal disruption to development processes.

Governance & risk-based management

• Support with governance frameworks, SLAs and remediation processes for identified vulnerabilities.
• Collaborate with developers, architects and product teams to triage and resolve findings.
• Ensuring that vulnerabilities are managed in line with the company's risk profile and compliance requirements.
• Support the DAST/PT team as required.

Stakeholder engagement & enablement

• Acts as a subject matter expert on SAST and SCA tools, processes and best practices.
• Provides ongoing training, workshops and consulting for development teams.
• Advocates for secure coding practices and promotes DevSecOps maturity.

Metrics & Continuous Improvement

• Develops KPIs, dashboards and reports to track scan requests, vulnerability trends and remediation effectiveness.
• Continuously evaluate the effectiveness of tools and process gaps to optimize security testing practices.
• Stay up to date on security trends, vulnerabilities and industry standards (e.g. OWASP, NIST, ISO).

Requirements

• 5+ years of relevant work experience.
• Infosec certifications or related (desirable, not required).
• Good knowledge of secure coding practices, software development lifecycle and DevSecOps.
• Knowledge of automation (desirable, not required).
• Strong analytical and problem solving skills.
• Experience with report visualization (Excel, ServiceNow, PowerPoint, Power BI, etc.).

We offer

• Movement within the company is encouraged, high-ranking managers are accessible.
• Workplace with a higher purpose.
• Flexibility in work requirements.