QE Security Tester

Provide recommendations to update existing, or create new, processes and procedures based on industry best practice

Stay current with in-depth technical knowledge of security testing tools

Perform automated security testing, manual validation of automated results, and manual configurations

Engage with testing stakeholders to gather all required information needed to create detailed test plans and test cases to anticipate potential vulnerabilities

Conduct security testing using the provided automated testing tools in conjunction with manual configuration validation techniques

Troubleshoot issues found and collaboratively work with development/infrastructure/SecOps to remediate

Partner with IT infrastructure, application development and security engineers to fully expose any vulnerabilities in preproduction code/configurations

Perform exploratory tests of target applications and systems

Bachelor s degree in Computer Science, Information Technology, Information Security (IS) or related field

Hands on security testing and experience with a variety of tools like Fortify, SonarQube, Appscan, Whitehat Sentinel (now BlackDuck), Now Secure

At least three (3-5) years of experience performing security testing (Operating Systems, Databases, Network, Web Applications, and Mobile Applications)

Understanding of software Quality Assurance and CI/CD process, test planning, and test execution

Ability to analyze functional and technical requirements and extrapolate tests

Ability to effectively communicate with peers and other departments

Understanding of OWASP TOP 10

Actively participates in and supports the software development life cycle and project management process.

Quality - Demonstrates accuracy, thoroughness, and attention to detail. Always looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality.

Technical Skills - Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others.

Initiative - Seeks increased responsibilities and takes ownership of tasks at hand; looks for and takes advantage of opportunities.

Teamwork - Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts the success of team above own interests; supports everyone's efforts to succeed.

Planning and Organizing - Coordinates time and prioritizes tasks to ensure work is completed effectively.

Decision Making - Compares data from different sources to draw conclusions and develop appropriate testing strategies.

Communication - Clearly conveys information and ideas both verbally and written.

Proficiency with cloud services (e.g.: OpenShift, Azure, AWS), modern JS frameworks (e.g.: React, Angular, NodeJS), SQL and NoSQL DBMS (e.g.: SQL Server, Postgres, Mysql, Redis, MongoDB), Object oriented development (e.g.: Java, Node.js, Go, Rust or .NET/C#), native and/or hybrid mobile development (e.g.: iOS, Android, PhoneGap, ionic), REST based microservice APIs, DevOps & CI/CD