Outstanding long-term contract opportunity. A well-known Financial Services Company is looking for an Application Security Engineer to join the Application Security Team. You will have the opportunity to work a hybrid schedule (3 days onsite / 2 days remote).
Locations: Can be based in either of the following locations
- Westlake, TX 76262
- Charlotte, NC 28262
- Chandler, AZ 85286
- Minneapolis, MN 55415
Contract Duration: 12 Months
Our client is moving quickly to fill this position, and the candidate submission window will on Monday 6/2. If you're interested, apply ASAP to be considered. Interview days are scheduled for Wed 6/4 and Thurs 6/5.
This role does not allow for C2C consultants nor participate in C2H. Must be authorized to work in the U.S. without sponsorship
About this role:
This role is responsible for developing, managing, and delivering secure code requirements and designs for application teams to follow as they develop secure code for the bank. Will analyze and recommend improvements for vulnerability remediation for impacted applications. Will work with application development and software engineering teams to build consensus in resolution of issues and optimize performance.
Required Skills & Experience
- 4+ years of Application Security experience.
- 4+ years of experience with cybersecurity frameworks such as NIST Secure Software Development Framework (SSDF) or OWASP Application Security Verification Standards (ASVS).
- SDLC experience - different frameworks
- Secure code standards
- Secure design
- Scripting - Python; maybe JavaScript
- Automate generation of sec requirements into Jira
- Data Analysis
- App Sec policy change rollouts
- Vulnerability scoring process
- Scoping matrix for application sec controls
- Knowledge of tools - vulnerability management - translate to requirements/standards to help prevent app teams from coding vulnerabilities
Desired Skills & Experience
- Experience with SD Elements.
- Experience with vulnerability management / vulnerability operations, specifically in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Penetration Testing.
- Experience with DevSecOps.
- Experience with Azure Cloud and Google Cloud platforms.
- Experience executing controls and responding to tests or audits of controls.
- Coding/Scripting experience with Python, Excel VBA, PowerShell, JavaScript.
- Experience with Tableau or Power BI dashboards.
- Excellent data engineering skills, ETL, statistical analysis, business intelligence / reporting skills.
- Cybersecurity Certifications: CISSP, CompTIA Security+, CISM, GIAC, SDDLP, GSEC, or CCSP.
Motion Recruitment Partners is an Equal Opportunity Employer, including disability/vets. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.