SAST Implementation SME
Job in Tampa, Hillsborough County, Florida, 33646, USA
Listed on 2026-02-05
Listing for: Kforce Inc
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Systems Engineer, IT Project Manager, IT Consultant
Responsibilities
- Serve as the delegate for the Project Lead, supporting program execution and stakeholder engagement
- Lead the selection, proof-of-concept (PoC), configuration, and implementation of SAST tools (e.g., Checkmarx, Veracode, SonarQube, Fortify) within development environments and CI/CD pipelines
- Define and optimize policies, standards, and workflows for SAST integration and vulnerability management
- Collaborate with engineering, security, and product teams to embed SAST into the Software Development Lifecycle (SDLC) and DevSecOps pipelines
- Guide the development of secure coding training and awareness programs
- Monitor industry trends to recommend enhancements to SAST tool implementation and utilization methodologies
- Establish metrics and reporting frameworks to measure program effectiveness and progress
- Support troubleshooting and escalation management for SAST-related issues in collaboration with technical teams and vendors
- High School diploma/GED required
- SAST Expertise: Deep understanding of SAST tools and their deployment, configuration, and optimization
- Secure Coding Practices: Strong knowledge of vulnerability prevention techniques and standards (e.g., OWASP Top 10, CWE/SANS Top 25)
- Tooling Knowledge: Familiarity with Checkmarx, Veracode, SonarQube, Fortify, and related technologies
- DevSecOps Integration: Experience embedding SAST into CI/CD pipelines and automating security checks
- SCA Expertise: Deep understanding of SCA principles, tools, and best practices for managing open-source and third-party components
- Software Supply Chain Security: Strong knowledge of vulnerability prevention, license compliance, and SBOM management
- Tooling Knowledge: Familiarity with Endor Labs, Mend/WhiteSource, Black Duck, Snyk, and related technologies
- DevSecOps Integration: Experience embedding SCA into CI/CD pipelines and automating security checks
- Program Leadership: Ability to guide large-scale security initiatives, manage tool migrations, and optimize processes
- Strategic Communication: Skilled in influencing stakeholders and articulating program goals and improvements
- Risk Assessment: Experience assessing vulnerabilities and license risks in third-party components
Note:
This job description includes standard pay and benefits language. This job is not eligible for bonuses, incentives or commissions. Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.