Dear All,
NextEra is looking for a dynamic resource in an OpenText Application Security role.
Key Responsibilities:
Application Security Testing & Tool Management:
- Lead administration and configuration of OpenText Fortify AST tools (SAST, DAST, SCA, ScanCentral)
- Customize security policies, scan rules, and quality gates based on organizational risk appetite
- Manage tool upgrades, patching, performance tuning, and license utilization
Secure SDLC & DevSecOps Enablement:
- Integrate AST tools with CI/CD pipelines (Azure DevOps, Jenkins, GitLab, Bitbucket, GitHub)
- Enable automated security scanning during build, test, and release stages
- Define and enforce security gates for code promotion and release approvals
Vulnerability Analysis & Remediation Support:
- Analyze scan findings, reduce false positives, and prioritize risks
- Map vulnerabilities to OWASP Top 10, CWE, CVE and internal risk frameworks
- Work closely with developers to provide clear remediation guidance and secure coding recommendations
Advisory & Stakeholder Engagement:
- Act as the primary application security advisor for projects and programs
- Participate in application design and security architecture reviews
- Collaborate with SOC, infrastructure, and cloud security teams for end‑to‑end risk coverage
Governance, Risk & Compliance:
- Support regulatory and internal compliance requirements (ISO 27001, SOC 2, PCI‑DSS, NCA, SAMA, etc.)
- Produce security metrics, dashboards, and audit evidence
- Help define application security standards, procedures, and best practices
Knowledge Sharing & Mentoring:
- Conduct application security awareness sessions for developers and QA teams
- Mentor junior application security engineers and analysts
- Create and maintain SOPs, runbooks, and technical documentation
Experience: 7 years in security operations & Application Security.