Senior Security Engineer

at  Epam Systems

We are looking for a Security SAST Engineer with expertise in static application security testing, especially using GitHub CodeQL, to join our security team.
This role involves analyzing Java libraries and client projects to uncover security vulnerabilities and potential risks in the code. You’ll also be developing and maintaining CodeQL queries to enhance SAST coverage, as well as conducting false-positive/false-negative analyses to ensure accuracy in SAST results.

REQUIREMENTS

• Experience with SAST tools (preferably GitHub CodeQL) and a solid understanding of SAST workflows
• Basic proficiency in Java and ability to read and interpret code across various programming languages
• Experience with GitHub Actions and GitHub Advanced Security (GHAS) is a plus
• Knowledge in Python, JavaScript, and C# is an advantage
• Strong attention to detail and problem-solving skills for precise query writing and code analysis

• Conduct security analysis on Java libraries and SAP projects to identify vulnerabilities or unsafe code patterns
• Develop, test, and maintain custom CodeQL queries to improve SAST coverage and effectiveness
• Manage and update existing CodeQL queries to align with project needs and security standards
• Perform in-depth false-positive/false-negative analyses to refine SAST accuracy and reduce deviations in CodeQL results