SecOps Engineer

Job Title : SecOps Engineer

Location : Iselin, NJ or Charlotte, NC (Hybrid)

Duration : 12-month contract project with the possibility of extension and FTE

This role is part of application security engineering team responsible for scanning code

established guidelines, secure development policies and

procedures. This role will focus heavily on building and enhancing Software Composition

Analysis (SCA) practice, help software developers at various Wells Fargo CIO teams to

build faster, more securely, fine-tuning the tools, leveraging AI where possible to

improve processes and services for optimal developer experience.

Candidates must have experience with either Checkmarx or Blackduck tool!

Key Responsibilities :

• Managing security automation tools with focus on SCA (i.e. Checkmarx One,

BlackDuck) and other tools in the ecosystem along with supporting operational

management with regularly scheduled upgrade of the tools.

operations team to make sure SCA vulnerabilities are identified and recorded per

the application security policies and guidance.

workflow, establish best practices and design guidance to optimize experience

for developers

requested from various CIO teams, research and recommend cutting-edge tools

and industry best practices.

audits (e.g., SOC 2, PCI-DSS) and recommending relevant policies.

detection on OpenSource, code signing and SBOM creation

supply chains for effective automation and management.

Required Qualifications :

demonstrated through one or a combination of the following : work experience,

training, military experience, education

collaborating with developers to adopt and mature secure development

RUST, C++

Desired Qualifications :

projects

Maven, Artifactory, Harness, Xray, Curation)

procedures and tool configuration

code remediation, open-source threat intelligence would be preferred.

container technologies such as Openshift

SPDX, managing or utilizing dependency track