Qureos

FIND_THE_RIGHTJOB.

companyLogo
Lennox International

Sr. Security Analyst- SCA & SAST

JOB_REQUIREMENTS

Hires in

Not specified

Employment Type

Not specified

Company Location

Not specified

Salary

Not specified

Company Profile:
Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.
Job Description:
Experience & Qualification:
  • 3-6 years of relevant experience
  • B.E/B. Tech or master’s degree from a reputed institute with good academic’s history.
MUST HAVE
  • Technical Expertise
    • Strong knowledge of SAST and SCA methodologies.
    • Hands-on experience with tools like Fortify, Mend, Checkmarx, Veracode, SonarQube, GHAS.
  • Programming Knowledge
    • Proficiency in Java, .NET, Python, or JavaScript.
  • Certifications (Preferred)
    • CEH, CSSLP, GWAPT, or similar.
  • Experience
    • 3–6 years in application security.
Skills required:
  • SCA Management
    • Perform dependency scanning to identify vulnerable open-source components.
    • Use tools like Mend & GHAS for SCA.
    • Ensure compliance with licensing and vulnerability management policies.
  • SAST Implementation
    • Configure and run SAST tools (e.g., Fortify, Checkmarx, Veracode, SonarQube).
    • Integrate SAST into CI/CD pipelines for automated code scanning.
    • Analyze scan results, prioritize vulnerabilities, and guide remediation.
  • Secure Development Lifecycle
    • Collaborate with developers to enforce secure coding standards.
    • Conduct code reviews and threat modeling sessions.
  • Governance & Compliance
    • Align with OWASP Top 10, NIST, and ISO 27001 standards.
    • Support audits and generate compliance reports.
  • Training & Awareness
    • Conduct developer training on secure coding and vulnerability remediation.
Qualifications:
Role & Responsibility

The Senior Security Analyst (IC2) will be responsible for strengthening application security across the organisation by implementing secure development practices, performing vulnerability assessments, and driving DevSecOps initiatives. This role requires hands-on expertise in Static Application Security Testing (SAST), Software Composition Analysis (SCA), and a strong understanding of Application Security (AppSec) and DevSecOps principles.

Key Responsibilities:
  • Application Security Testing :
Perform SAST and SCA scans for web, API, and mobile applications.
Analyse scan results, prioritise vulnerabilities, and collaborate with development teams for remediation.

  • DevSecOps Integration
Embed security controls into CI/CD pipelines and automate security checks.
Drive adoption of secure coding practices and threat modelling across development teams.

  • Risk Management

Conduct security reviews and validate secure architecture designs.

Maintain compliance with industry standards (OWASP, NIST, ISO 27001).


  • Tool Management

Manage and optimise security tools such as HP Fortify, Checkmarx, Veracode, Burp Suite, and container security platforms.

Reduce false positives and improve scan efficiency.


  • Collaboration & Training

Partner with architects, DevOps, and product teams to integrate security early in the SDLC.

Deliver training sessions on secure coding and tool usage.


  • Continuous Improvement

Monitor emerging threats and recommend improvements to security processes.

Participate in POCs for new security tools and automation initiatives.

Similar jobs

Tekshiras Software Solutions Pvt ltd logo
Workday Security Senior Consultant

Tekshiras Software Solutions Pvt ltd

India

4 days ago

E-Emphasys Technologies Inc logo
Senior Quality Analyst - 1

E-Emphasys Technologies Inc

India

4 days ago

LatentView Analytics logo
Senior Analyst

LatentView Analytics

India

4 days ago

Capgemini logo
Network Security Engineer

Capgemini

India

4 days ago

Capgemini logo
Cybersecurity Engineer

Capgemini

India

4 days ago

Caterpillar logo
Cybersecurity Engineer

Caterpillar

India

4 days ago

Accenture logo
Contract Senior Analyst

Accenture

India

4 days ago

© 2025 Qureos. All rights reserved.

Term of usePrivacy policy