Static CodeSCA Principal Engineer

Static Code/SCA Principal Engineer

Start Date: 05/15/2024

End Date: 01/15/2025

Location: Atlanta Georgia & Charlotte North Carolina

Required Skills (Be specific):

• (hands on and is able to drive the SAST/SCA TIH identification and reporting tasks)
• Responsible for developing and maintaining the technical IT/cyber security capabilities necessary for safeguarding TIH applications in parallel with TIH AppSec including phases of SDLC and Static Application Security Lifecycle.
• Leads the designing planning testing and implementation phases of shifting SAST/SCA responsibilities to TIH.
• Develop and maintain the technical IT/cyber capabilities for TIH applications in scope of separation including all phases of the software development lifecycle and software stack with a primary focus on static application security testing (SAST) and software composition analysis (SCA).
• Work with TIH AppSec teams to identify methods to remediate vulnerabilities evaluate existing workarounds and troubleshoot false positives via manual code review.
• Aid in the integration of the SAST and SCA process into shiftleft processes (IDE Pipelines and Change Management Systems) of newly created TIH processes Participate in the implementation of new TIH information security technologies or integration of existing technologies including initial configuration installation change management and operational handoff.
• Provide technical support and vulnerability validation of identification processes running parallel to TIH processes to prove vulnerability identification in a timely manner and explain and interpret complex difficult or sensitive information.
• Create TIH separation specific reporting monthly/weekly in conjunction with TIH AppSec resources to ensure executive visibility into separation progress and ownership transfer roadmap of TIH applications.