Overview
On Site
60/hr - 70/hr
Full Time
Skills
Customer Facing
Finance
Technical Analysis
Conflict Resolution
Problem Solving
Software Development
Communication
Leadership
Penetration Testing
White Hat
DevSecOps
Financial Services
OWASP
Scripting
Python
Bash
Reporting
Code Review
Collaboration
Documentation
Software Development Methodology
SCA
Software Security
Job Details
Job Description
A leading Boston-based bank is seeking a Mid-Level Application Security Engineer to support and secure its growing portfolio of internal and customer-facing applications. This team plays a key role in strengthening software security within a highly regulated financial environment, making it an excellent fit for someone who enjoys blending hands-on technical analysis with collaborative problem-solving.
In this role, you'll be responsible for performing SAST, DAST, and SCA scans, reviewing code for vulnerabilities, and partnering with development teams to remediate findings. You'll help define best practices, improve secure SDLC processes, and ensure applications meet internal and regulatory security requirements.
Required Skills & Experience:
Desired Skills:
What You'll Be Doing
Tech Breakdown
Daily Responsibilities:
A leading Boston-based bank is seeking a Mid-Level Application Security Engineer to support and secure its growing portfolio of internal and customer-facing applications. This team plays a key role in strengthening software security within a highly regulated financial environment, making it an excellent fit for someone who enjoys blending hands-on technical analysis with collaborative problem-solving.
In this role, you'll be responsible for performing SAST, DAST, and SCA scans, reviewing code for vulnerabilities, and partnering with development teams to remediate findings. You'll help define best practices, improve secure SDLC processes, and ensure applications meet internal and regulatory security requirements.
Required Skills & Experience:
- 2+ years of professional experience in Application Security or Secure Software Development
- Proficiency with SAST, DAST, and SCA tools (e.g., Veracode, Checkmarx, SonarQube, etc.)
- Experience reviewing source code for security vulnerabilities
- Strong communication skills with the ability to explain findings to developers and leadership
- Penetration testing or ethical hacking experience is a plus
Desired Skills:
- Familiarity with secure SDLC processes and DevSecOps principles
- Exposure to financial services or other regulated industries
- Knowledge of OWASP Top 10 and common application-layer threats
- Scripting skills (Python, Bash, etc.) to automate scans or reporting
- Relevant certifications such as GWEB, GWAPT, or eLearnSecurity certifications
What You'll Be Doing
Tech Breakdown
- 50% Static/Dynamic/Composition scanning and analysis
- 30% Code review and vulnerability remediation support
- 20% Collaboration, documentation, and secure SDLC improvements
Daily Responsibilities:
- Run and interpret SAST, DAST, and SCA scans across multiple applications
- Perform manual code reviews to identify and validate vulnerabilities
- Partner with developers to triage, prioritize, and remediate findings
- Contribute to secure coding standards and internal appsec guidelines
- Support ongoing improvements to application security tooling and processes
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.