Job Details

The SAST Implementation SME will focus on integrating and optimizing Static Application Security Testing (SAST) tools and processes across the organization. This leadership role will guide the implementation, and operationalization, ensuring alignment with secure coding standards and organizational objectives. The SME will influence process improvements, tool migration strategies, and the development of training and best practices.
• Serve as the delegate for the Project Lead, supporting program execution and stakeholder engagement.
• Lead the selection, proof-of-concept (PoC), configuration, and implementation of SAST tools (e.g., Checkmarx, Veracode, SonarQube, Fortify) within development environments and CI/CD pipelines.
• Define and optimize policies, standards, and workflows for SAST integration and vulnerability management.
• Collaborate with engineering, security, and product teams to embed SAST into the Software Development Lifecycle (SDLC) and DevSecOps pipelines.
• Guide the development of secure coding training and awareness programs.
• Monitor industry trends to recommend enhancements to SAST tool implementation and utilization methodologies.
• Establish metrics and reporting frameworks to measure program effectiveness and progress.
• Support troubleshooting and escalation management for SAST-related issues in collaboration with technical teams and vendors.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to ...@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:

Required Skills & Experience
• SAST Expertise: Deep understanding of SAST tools and their deployment, configuration, and optimization.
• Secure Coding Practices: Strong knowledge of vulnerability prevention techniques and standards (e.g., OWASP Top 10, CWE/SANS Top 25).
• Tooling Knowledge: Familiarity with Checkmarx, Veracode, SonarQube, Fortify, and related technologies.
• DevSecOps Integration: Experience embedding SAST into CI/CD pipelines and automating security checks.
• Program Leadership: Ability to guide large-scale security initiatives, manage tool migrations, and optimize processes.
• Strategic Communication: Skilled in influencing stakeholders and articulating program goals and improvements.
• Troubleshooting: Strong problem-solving skills for SAST-related technical challenges.

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.