OWASP Remediation Engineer

at  Motion Recruitment

Outstanding long-term contract opportunity! A well-known Financial Services Company is looking for a Software Engineer in Phoenix, AZ (Hybrid).
Work with the brightest minds at one of the largest financial institutions in the world. This is a long-term contract opportunity that includes a competitive benefit package! Our client has been around for over 150 years and is continuously innovating in today’s digital age. If you want to work for a company that is not only a household name, but also truly cares about satisfying customers’ financial needs and helping people succeed financially, apply today.
Contract Duration: 24 Months

Required Skills & Experience

• Knowledge of EASP operations (processes and procedures) also known as the Secure Software Development Life Cycle (S-SDLC) methodology.
• Expert knowledge and understanding of information security practices and policies, including Information Security Frameworks, Standards, and best practices.
• 2 + years of experience communicating system vulnerabilities and remediation guidance to both technical and non-technical personnel.
• 2 + year of experience remediating Open Web Application Security Project (OWASP) common AppSec Vulnerabilities such as XSS, Parameter tampering and Injection.
• 3+ years of application development and implementation experience.
• 1+ year of SAST (Static Analysis Software Testing) experience.
• 1+ year of CheckMarx experience.
• Good verbal, written, and interpersonal communication skills.
• 4+ years of Software Engineering experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education.

What You Will Be Doing

• Assist with daily operations of the Application Security Champion (ASC) operating model, which supports the Enterprise Application Security Program (EASP) providing secure coding governance and support services.
• Manage highly complex issues and negotiate solutions.
• Provide security solutions that require resolution of complex operational and integration issues associated with networks, data systems, and applications to successfully deploy secure technologies and to enhance existing technologies.
• Remediate OWASP common AppSec Vulnerabilities (i.e. XSS, Parameter tampering, Injection, etc.) is needed.
• Consult on or participate in moderately complex initiatives and deliverables within Software Engineering and contribute to large-scale planning related to Software Engineering deliverables.
• Review and analyze moderately complex Software Engineering challenges that require an in-depth evaluation of variable factors.
• Contribute to the resolution of moderately complex issues and consult with others to meet Software Engineering deliverables while leveraging solid understanding of the function, policies, procedures, and compliance requirements.
• Collaborate with client personnel in Software Engineering.

• Assist with daily operations of the Application Security Champion (ASC) operating model, which supports the Enterprise Application Security Program (EASP) providing secure coding governance and support services.
• Manage highly complex issues and negotiate solutions.
• Provide security solutions that require resolution of complex operational and integration issues associated with networks, data systems, and applications to successfully deploy secure technologies and to enhance existing technologies.
• Remediate OWASP common AppSec Vulnerabilities (i.e. XSS, Parameter tampering, Injection, etc.) is needed.
• Consult on or participate in moderately complex initiatives and deliverables within Software Engineering and contribute to large-scale planning related to Software Engineering deliverables.
• Review and analyze moderately complex Software Engineering challenges that require an in-depth evaluation of variable factors.
• Contribute to the resolution of moderately complex issues and consult with others to meet Software Engineering deliverables while leveraging solid understanding of the function, policies, procedures, and compliance requirements.
• Collaborate with client personnel in Software Engineering