SCA Implementation SME

Tampa, FL - USA

Monthly Salary: Not Disclosed

Posted on: Yesterday

Vacancies: 1 Vacancy

Job Summary

Role Summary

The SCA Implementation SME will focus on implementing and optimizing Software Composition Analysis (SCA) tools and processes across the organization. This leadership role will guide the integration and operationalization to strengthen software supply chain security. The SME will influence process improvements policy development and training strategies.

Key Responsibilities

Serve as the delegate for the Project Lead supporting program execution and stakeholder engagement.

Lead the implementation configuration and management of SCA tools (e.g. Endor Labs Mend/WhiteSource Black Duck Snyk) to identify vulnerabilities and license compliance issues in open-source and third-party components.

Define and optimize policies standards and workflows for SCA integration and vulnerability management.

Integrate SCA tools and processes into the Software Development Lifecycle (SDLC) and CI/CD pipelines to automate security checks.

Guide the development of secure coding and open-source governance training programs.

Monitor industry trends and emerging technologies to recommend enhancements to SCA tools and methodologies.

Establish metrics and reporting frameworks to measure program effectiveness and progress.

Support troubleshooting and escalation management for SCA-related issues in collaboration with technical teams and vendors.

Oversee generation and management of Software Bills of Materials (SBOMs) for compliance and risk assessment.

Required Knowledge & Skills

SCA Expertise: Deep understanding of SCA principles tools and best practices for managing open-source and third-party components.

Software Supply Chain Security: Strong knowledge of vulnerability prevention license compliance and SBOM management.

Tooling Knowledge: Familiarity with Endor Labs Mend/WhiteSource Black Duck Snyk and related technologies.

DevSecOps Integration: Experience embedding SCA into CI/CD pipelines and automating security checks.

Program Leadership: Ability to guide large-scale security initiatives manage tool migrations and optimize processes.

Strategic Communication: Skilled in influencing stakeholders and articulating program goals and improvements.

Risk Assessment: Experience assessing vulnerabilities and license risks in third-party components.

Required Skills :

Basic Qualification :

Additional Skills :

Background Check : No

Drug Screen : No

N/A

Stipend :false

Role SummaryThe SCA Implementation SME will focus on implementing and optimizing Software Composition Analysis (SCA) tools and processes across the organization. This leadership role will guide the integration and operationalization to strengthen software supply chain security. The SME will influenc...