Security Engineer DAST/SAST

Job Description

At Capgemini Engineering, the world leader in engineering services, we bring together a global team of engineers, scientists, and architects to help the world's most innovative companies unleash their potential. From autonomous cars to life-saving robots, our digital and software technology experts think outside the box as they provide unique R&D and engineering services across all industries. Join us for a career full of opportunities. Where you can make a difference. Where no two days are the same.

Your Role

- Perform static application security testing on source code using Fortify.
- Perform software composition analysis using Sonatype IQ
- Assist with scan onboarding and troubleshooting
- Integrate tools into Jenkins pipelines
- Collaborate with teams to remediate high/critical findings
- Generate and analyse SCA scan result
- Automate reporting and dashboards

Works in the area of Software Engineering, which encompasses the development, maintenance and optimization of software solutions/applications.1. Applies scientific methods to analyse and solve software engineering problems.2. He/she is responsible for the development and application of software engineering practice and knowledge, in research, design, development and maintenance.3. His/her work requires the exercise of original thought and judgement and the ability to supervise the technical and administrative work of other software engineers.4. The software engineer builds skills and expertise of his/her software engineering discipline to reach standard software engineer skills expectations for the applicable role, as defined in Professional Communities.5. The software engineer collaborates and acts as team player with other software engineers and stakeholders.

Your Profile

- Deep understanding of Source code review, SCA and SBOM
- Hands-on experience with SAST and SCA tool Fortify SCA, Sonatype IQ.
- Good understanding of secure coding practices for languages such as Java, .NET ,JavaScript,Python,etc.
- Strong knowledge of OWASP Top 10, CWE, and secure software development lifecycle (SSDLC).
- Familiarity with CI/CD pipelines and integrating security tools in DevOps. (Jenkins, GitHub)
- Security certifications such as OSCP, GWAPT, eWPTX, CEH, CRTP will be an added advantage.

What will you love working at Capgemini

- Every Monday, kick off the week with a musical performance by our in-house band - The Rubber Band. Also get to participate in internal , yoga challenges, or marathons.
- At Capgemini, you can work on in tech and engineering with industry leaders or create to overcome societal and environmental challenges.
- You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work.
- You will have the on one of the industry's largest digital learning platforms, with access to 250,000+ courses and numerous certifications.

Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

---