QA Tester Job

Job Title: QA – Security Tester

Location: Las Vegas, NV (Onsite)

No H1B

Summary Essential Job Functions

· Provide recommendations to update existing, or create new, processes and procedures based on industry best practice

· Stay current with in-depth technical knowledge of security testing tools

· Perform automated security testing, manual validation of automated results, and manual configurations

· Engage with testing stakeholders to gather all required information needed to create detailed test plans and test cases to anticipate potential vulnerabilities

· Conduct security testing using the provided automated testing tools in conjunction with manual configuration validation techniques

· Troubleshoot issues found and collaboratively work with development/infrastructure/SecOps to remediate

· Partner with IT infrastructure, application development and security engineers to fully expose any vulnerabilities in preproduction code/configurations

· Perform exploratory tests of target applications and systems

Core Competencies

· Bachelor’s degree in Computer Science, Information Technology, Information Security (IS) or related field

· Hands on security testing and experience with a variety of tools like Fortify, SonarQube, Appscan, Whitehat Sentinel (now BlackDuck), Now Secure

· At least three (3-5) years of experience performing security testing (Operating Systems, Databases, Network, Web Applications, and Mobile Applications)

· Understanding of software Quality Assurance and CI/CD process, test planning, and test execution

· Ability to analyze functional and technical requirements and extrapolate tests

· Ability to effectively communicate with peers and other departments

· Understanding of OWASP TOP 10

· Actively participates in and supports the software development life cycle and project management process.

· Quality - Demonstrates accuracy, thoroughness, and attention to detail. Always looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality.

· Technical Skills - Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others.

· Proficiency with cloud services (e.g.: OpenShift, Azure, AWS), modern JS frameworks (e.g.: React, Angular, NodeJS), SQL and NoSQL DBMS (e.g.: SQL Server, Postgres, Mysql, Redis, MongoDB), Object oriented development (e.g.: Java, Node.js, Go, Rust or .NET/C#), native and/or hybrid mobile development (e.g.: iOS, Android, PhoneGap, ionic), REST based microservice APIs, DevOps & CI/CD Preferred · 3-5 years of security testing experience in mid to large IT environments with Hands on experience · Ability to perform effectively in a fast-paced environment · Experience with Fortify, Sonar Cube, OWASP Top 10, penetration testing, exploratory testing · Security Certification (CISM, CISSP, etc)