Security & Test Automation Engineer

Job Description:

Test Automation & Quality Engineering

• Design, build, and maintain scalable automation frameworks for web, API, and backend systems

• Integrate automated tests into CI/CD pipelines to improve regression coverage and release confidence

• Support release validation and production readiness for digital platforms

• Develop supporting tools to improve test execution, reporting, and reliability

• Evaluate and conduct proof-of-concepts for emerging tools in security and automation

• Contribute to best practices, standards, and lightweight governance for engineering tools

• Promote knowledge sharing, documentation, and cross-team collaboration

Security Engineering & Vulnerability Management

• Identify, triage, and remediate vulnerabilities across applications, cloud environments, and infrastructure

• Integrate security testing into CI/CD pipelines (SAST, DAST, software composition analysis, container scanning)

• Detect and resolve cloud misconfigurations and security risks

• Enforce secure coding practices and shift-left security aligned with OWASP principles

• Support audit and compliance initiatives, including PCI-DSS and internal security reviews

• Implement and support secrets management and secure access controls (IAM, least privilege)

• Monitor applications, infrastructure, and pipelines for vulnerabilities and anomalies

• Drive patching, remediation, and infrastructure hardening efforts

• Collaborate with engineering teams on incident response, debugging, and root cause analysis

Required Qualifications

• Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience)

• 3+ years of experience in security engineering, test automation

• Experience building or maintaining automation frameworks (e.g., Selenium, Playwright, Cypress, Rest Assured)

• Strong hands-on experience with CI/CD tools (e.g., Jenkins, GitHub Actions, GitLab CI, Azure DevOps)

• Experience with security testing tools (e.g., Snyk, Burp Suite, OWASP ZAP, etc.)

• Proficiency in at least one programming language (Java, Python, or JavaScript)

• Solid understanding of application security fundamentals and common vulnerabilities

• Experience working with cloud platforms (AWS, Azure)