Job Description The SCA Implementation SME will focus on implementing and optimizing Software Composition Analysis (SCA) tools and processes across the organization. This leadership role will guide the integration, and operationalization to strengthen software supply chain security. The SME will influence process improvements, policy development, and training strategies. • Serve as the delegate for the Project Lead, supporting program execution and stakeholder engagement. • Lead the implementation, configuration, and management of SCA tools (e.g., Endor Labs, Mend/WhiteSource, Black Duck, Snyk) to identify vulnerabilities and license compliance issues in open-source and third-party components. • Define and optimize policies, standards, and workflows for SCA integration and vulnerability management. • Integrate SCA tools and processes into the Software Development Lifecycle (SDLC) and CI/CD pipelines to automate security checks. • Guide the development of secure coding and open-source governance training programs. • Monitor industry trends and emerging technologies to recommend enhancements to SCA tools and methodologies. • Establish metrics and reporting frameworks to measure program effectiveness and progress. • Support troubleshooting and escalation management for SCA-related issues in collaboration with technical teams and vendors. • Oversee generation and management of Software Bills of Materials (SBOMs) for compliance and risk assessment. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements • SCA Expertise: Deep understanding of SCA principles, tools, and best practices for managing open-source and third-party components. • Software Supply Chain Security: Strong knowledge of vulnerability prevention, license compliance, and SBOM management. • Tooling Knowledge: Familiarity with Endor Labs, Mend/WhiteSource, Black Duck, Snyk, and related technologies. • DevSecOps Integration: Experience embedding SCA into CI/CD pipelines and automating security checks. • Program Leadership: Ability to guide large-scale security initiatives, manage tool migrations, and optimize processes. • Strategic Communication: Skilled in influencing stakeholders and articulating program goals and improvements. • Risk Assessment: Experience assessing vulnerabilities and license risks in third-party components.