Senior Quality Assurance Security Test Engineer

This company is looking for a Senior Quality Assurance Security Test Engineer to join their team in Herndon, VA. In this role, you will be responsible for ensuring the quality and security of software applications, primarily within a cloud-based environment. Your duties will include designing, executing, and automating security tests, identifying vulnerabilities, and working closely with development teams to verify, document, and resolve security issues. You will also be expected to stay up to date on the latest security standards and best practices, acting as a key liaison between development and stakeholders to ensure robust application security across all functionalities.

The company is located in Herndon, VA and will be a hybrid of two days onsite.

What You Will Be Doing

• Perform thorough security testing, including penetration testing, vulnerability scanning, authentication/authorization checks, network security assessments, service degradation testing, data encryption analysis, and web application security evaluations.
• Develop detailed security test plans and test cases to cover a range of attack vectors, threat models, and compliance requirements.
• Build and maintain automated security testing frameworks to efficiently conduct regression tests and identify security vulnerabilities in new features. This may involve using existing tools or developing and maintaining custom solutions.
• Document and track security vulnerabilities discovered during testing, providing clear and actionable reports to development teams for remediation.
• Collaborate with software developers and product owners to understand security requirements, implement fixes, and prioritize security issues.
• Stay informed on emerging security threats and trends to proactively identify potential vulnerabilities in applications.
  
  

Required Skills & Experience:

• In-depth knowledge of security concepts such as authentication, authorization, encryption, session management, cloud application security, network security, and familiarity with OIDC flow, hypervisors, networking, service degradation, and failure modes.
• Proficiency in a variety of security testing techniques, including black-box, white-box, grey-box testing, fuzzing, and penetration testing.
• Experience with security-specific automation test tools and developing and maintaining custom testing frameworks.
• Expertise in using defect tracking tools to manage and resolve security vulnerabilities.
• Strong communication skills to clearly articulate security risks and collaborate effectively with cross-functional teams.
• Solid coding skills in Python and other scripting languages for test automation development.
• Passion for conducting comprehensive security testing, identifying vulnerabilities, and proactively improving the organization’s overall security posture.
• Familiarity with Continuous Integration/Continuous Deployment (CI/CD) tools and processes.
• Experience with Linux, Docker, cloud technologies, and system maintenance tools.
• Strong understanding of Agile/Scrum methodologies and practical experience working within them.
• Ability to adapt to changing priorities and requirements in a dynamic environment.
• Highly self-motivated with the ability to work autonomously and effectively prioritize tasks.
• Knowledge of Google Cloud Platform is a plus.
  
  

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.

This position doesn’t provide sponsorship.

Posted By: Ashton Corbett