Cybersecurity – AppSec / DevSecOps

Integrate Fortify Static Code Analyzer and other SAST/DAST/SCA tools into DevSecOps pipelines.

Conduct security assessments and penetration testing for web and mobile applications using tools like Burp Suite, Web Inspect, Postman, and open-source tools.

Provide guidance on secure coding practices, threat modeling, and OWASP Top 10 compliance.

Configure CI/CD pipelines (Jenkins, GitHub Actions, GitLab, Azure DevOps) to automate security scans and validate results.

Collaborate with development teams to triage false positives, track remediation, and ensure security vulnerabilities are addressed.

Monitor scan performance, maintain dashboards, and provide insights to AppSec leadership.