Location: Pittsburgh, PA / NY / NJ (Hybrid 3 days onsite in Pittsburgh or NY/NJ)
Client: Wipro
End Client: BNY Mellon
Rate: Market (Keep it low since it's Wipro)
Job Description
We are seeking a SAST Analyst to join our team, supporting BNY Mellon through Wipro. The ideal candidate will have expertise in Static Application Security Testing (SAST) tools and methodologies to assess application security vulnerabilities. This role requires working onsite three days per week in either Pittsburgh, NY, or NJ.
Responsibilities
- Perform Static Application Security Testing (SAST) to identify vulnerabilities in application source code.
- Analyze findings from security scans, triage false positives, and provide recommendations for remediation.
- Collaborate with development, DevSecOps, and security teams to integrate SAST into CI/CD pipelines.
- Maintain and enhance security testing processes and policies.
- Generate detailed security reports and communicate risks to stakeholders.
- Stay updated with emerging security threats, best practices, and industry standards.
Required Skills & Qualifications:
- Hands-on experience with SAST tools such as Checkmarx, Fortify, Veracode, or SonarQube.
- Strong understanding of secure coding practices and application security principles.
- Familiarity with CI/CD integration and DevSecOps workflows.
- Ability to analyze security vulnerabilities and provide remediation guidance.
- Experience working in a financial or enterprise-level environment is a plus.