Analyst, Informatics Security

Application Security Automation Engineer

Hybrid work model – 2 days/week in office.

Responsibilities

• Lead end‑to‑end SAST operations, including intake/scoping, onboarding, configuration, execution, triage, and reporting across diverse technology stacks.
• Tune scan tools to reduce false positives and improve signal quality; provide secure code review and root‑cause analysis support to development teams.
• Contribute to other testing programs (SCA, DAST) and integrate into CI/CD workflows as needed to support scan readiness, coverage validation, and triage of results.
• Evaluate and adopt AI‑assisted capabilities in security scanning/testing tools to improve triage speed, consistency, and remediation guidance.
• Assess the security implications of LLM‑enabled features on application threat models and emerging risks, e.g. supply chain integrity, prompt‑driven workflows, RAG pipelines.
• Identify gaps through risk‑base...