Motion Recruitment

Application Security Engineer

Hybrid

Boston, United States

Junior

Freelance

05-10-2025


Skills

Communication, Leadership, Python, Bash, Penetration Testing, Ethical Hacking, Problem-solving, Software Development, SDLC

Job Specifications

Job Description

A leading Boston-based bank is seeking a Mid-Level Application Security Engineer to support and secure its growing portfolio of internal and customer-facing applications. This team plays a key role in strengthening software security within a highly regulated financial environment, making it an excellent fit for someone who enjoys blending hands-on technical analysis with collaborative problem-solving.

In this role, you'll be responsible for performing SAST, DAST, and SCA scans, reviewing code for vulnerabilities, and partnering with development teams to remediate findings. You'll help define best practices, improve secure SDLC processes, and ensure applications meet internal and regulatory security requirements.

Required Skills & Experience

2+ years of professional experience in Application Security or Secure Software Development
Proficiency with SAST, DAST, and SCA tools (e.g., Veracode, Checkmarx, SonarQube)
Experience reviewing source code for security vulnerabilities
Strong communication skills with the ability to explain findings to developers and leadership
Penetration testing or ethical hacking experience is a plus

Desired Skills

Familiarity with secure SDLC processes and DevSecOps principles
Exposure to financial services or other regulated industries
Knowledge of OWASP Top 10 and common application-layer threats
Scripting skills (Python, Bash, etc.) to automate scans or reporting
Relevant certifications such as GWEB, GWAPT, or eLearnSecurity certifications

What You'll Be Doing

Tech Breakdown

50% Static/Dynamic/Composition scanning and analysis
30% Code review and vulnerability remediation support
20% Collaboration, documentation, and secure SDLC improvements

Daily Responsibilities

Run and interpret SAST, DAST, and SCA scans across multiple applications
Perform manual code reviews to identify and validate vulnerabilities
Partner with developers to triage, prioritize, and remediate findings
Contribute to secure coding standards and internal appsec guidelines
Support ongoing improvements to application security tooling and processes

Posted By: Sarah Carroll

About the Company

Motion Recruitment delivers IT Talent Solutions for Contract, Direct Hire, Managed Solutions and Statement of Work to all of North America from our 21 delivery centers. Our high-touch, specialized, team-based recruitment model’s success is proven through our exemplary track record in filling the most challenging IT positions for startup and enterprise clients alike. Our hyper-specialized tech focus results in a truly consultative approach for both our clients and candidates, within our recruiting areas of expertise: Software...