Job Details
Position Title: QA Security Tester
Job Level: P3
Reports To: AVP Quality Assurance
Department: IT Quality and Certification
Has Direct Reports: No
Position Summary
Credit One Bank is looking for a Security Tester to join our QA team in Las Vegas. This position will report into the QA Security Lead and is responsible for testing, analyzing scan results, reporting, and assisting with remediation of security vulnerabilities.
Essential Job Functions
Provide recommendations to update existing, or create new, processes and procedures based on industry best practice
Stay current with in-depth technical knowledge of security testing tools
Perform automated security testing, manual validation of automated results, and manual configurations
Engage with testing stakeholders to gather all required information needed to create detailed test plans and test cases to anticipate potential vulnerabilities
Conduct security testing using the provided automated testing tools in conjunction with manual configuration validation techniques
Troubleshoot issues found and collaboratively work with development/infrastructure/SecOps to remediate
Partner with IT infrastructure, application development and security engineers to fully expose any vulnerabilities in preproduction code/configurations
Perform exploratory tests of target applications and systems
Core Competencies
Bachelor's degree in Computer Science, Information Technology, Information Security (IS) or related field
Hands-on security testing and experience with a variety of tools like Fortify, SonarQube, AppScan, WhiteHat Sentinel (now BlackDuck), NowSecure
At least three (3-5) years of experience performing security testing (Operating Systems, Databases, Network, Web Applications, and Mobile Applications)
Understanding of software Quality Assurance and CI/CD process, test planning, and test execution
Ability to analyze functional and technical requirements and extrapolate tests
Ability to effectively communicate with peers and other departments
Understanding of OWASP TOP 10
Actively participates in and supports the software development life cycle and project management process.
Quality - Demonstrates accuracy, thoroughness, and attention to detail. Always looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality.
Technical Skills - Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others.
Initiative - Seeks increased responsibilities and takes ownership of tasks at hand; looks for and takes advantage of opportunities.
Teamwork - Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts the success of team above own interests; supports everyone's efforts to succeed.
Planning and Organizing - Coordinates time and prioritizes tasks to ensure work is completed effectively.
Decision Making - Compares data from different sources to draw conclusions and develop appropriate testing strategies.
Communication - Clearly conveys information and ideas both verbally and in writing.
Proficiency with cloud services (e.g., OpenShift, Azure, AWS), modern JS frameworks (e.g., React, Angular, NodeJS), SQL and NoSQL DBMS (e.g., SQL Server, Postgres, MySQL, Redis, MongoDB), object-oriented development (e.g., Java, Node.js, Go, Rust or .NET/C#), native and/or hybrid mobile development (e.g., iOS, Android, PhoneGap, ionic), REST-based microservice APIs, DevOps & CI/CD
Preferred
3-5 years of security testing experience in mid to large IT environments with hands-on experience
Ability to perform effectively in a fast-paced environment
Experience with Fortify, SonarQube, OWASP Top 10, penetration testing, exploratory testing
Security Certification (CISM, CISSP, etc.)
Physical Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable candidates with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to sit. However, the employee may choose to stand and move within the cubicle area. The employee is frequently required to use hands to finger, handle, or feel; talk and hear; and reach with hands and arms. Must possess the ability to effectively hear and communicate. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 2 pounds. Specific vision abilities required by this job include close vision, peripheral vision, depth perception and ability to adjust focus.