What are the responsibilities and job description for the QA Engineer with OWASP & Cybersecurity (Automation) position at Activesoft, Inc.?
Job Details
QA Engineer with OWASP, Cybersecurity
Perpetual Contract
Hybrid in Richmond, VA
NO RELOCATION
In this role, the candidate s primary focus will be web application security testing by designing and performing manual and automated testing on applications to identify risks such as SQL Injection, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and other common web security vulnerabilities.
Requirements:
- 12 years of hands-on experience in software quality assurance.
- 8 years of experience using test automation technologies.
- A master s degree in computer science, Information Technology, or a related field.
- Perform both automated and manual testing to identify vulnerabilities, security flaws, and weaknesses in systems.
- Leverage OWASP tools like OWASP ZAP, OWASP Dependency-Check, and others to conduct security assessments and vulnerability scans.
- Technical knowledge of threat modeling, code review, penetration testing, familiarity with security protocols, understanding of vulnerabilities, scripting languages like Python, Bash, PowerShell, etc. for automation, knowledge of web application security, and the ability to analyze logs and network traffic to identify potential security issues.
- Perform manual and automated testing on applications to identify risks such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other common web security vulnerabilities.
- Stay current with the latest web application security trends, OWASP vulnerabilities, and emerging attack techniques.
- Proficiency in penetration testing tools such as Burp Suite, Nessus, Metasploit, Kali Linux, Wireshark, and others.
- Strong knowledge of web application security (OWASP Top 10), network security, and cloud security.
- Strong understanding of TCP/IP, HTTP, DNS, and other network protocols.
- Certifications such as CISSP, CEH, AWS Certified Security Specialty, or similar are a plus.
- Testing tools: DBeaver (or similar), Beyond Compare, OWASP tools like OWASP ZAP, OWASP Dependency-Check.
- Automation testing tools: Selenium.
- Test artifact management: Zephyr.
- API testing tools: SoapUI, Postman.
- Defect and task tracking: Jira.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
