Lead Security Test Engineer Job in Ushur

Job Description:

Our QA team is looking for an excellent Lead Security Test Engineer to join a core group that focuses on Quality Assurance, Test Automation coverage and Security aspects of the product.

Roles and responsibilities (what you will be doing):

Design, develop and improve the Security Test infrastructure to enable delivery of high quality and highly secure platform

• Develop and refine periodically and keep the Security Test Strategy for the product up to date
• Collaborate with product architect/feature-owners to identify Security test requirements during initial stages of feature definition or product design
• Self-driven, enthusiastic, and constantly research and suggest latest technologies for security coverage
• 8-12 years of software test experience, with at least 5+ years of specific experience in security testing
• Experience building framework for security testing

Continuously improve the security test coverage and add all the customer centric scenarios as part of this effort

Integrate Security testing to Jenkins CI/CD pipeline and continuously work on stabilizing and improving the test coverage

Work with third party independent vendors and get product security certification

Collaborate with Engineering, Customer Success team, IT team to generate periodic security auditing reports

Qualifications and Technical skills:

Experience with AWS Cloud Security Tools like Alert Logic, AWS Secure Hub, Scout Suite

Experience with vulnerability assessment tools for Linux/Cent OS based operation system

Experience with Network security and port scanning tools

Experience with VAPT certification tools

Experience with Burp suite, Nessus Vulnerability scanning or any other relevant tools

Experience building test suites to cover OWSAP Security testing tools

Experience with static code analysis tools like SonarQube, Coverity or other open-source tools

Experience working in Linux environment and debugging

Experience in Application Security validation for Web Applications and SaaS Products

Experience working with chaos engineering tools such as Chaos Mesh, Chaos Monkey, Gremlin, Litmus, ChaosBlade

Experience building tools to verify DDOS attacks

Excellent verbal and written communication to explain security strategy to technical and non-technical audience

Diligence and ability to plan and execute all the security tests to cover all aspects of the product

Ability to think creatively and strategically to do penetration testing

Excellent time management and organizational skills to meet the Release timelines

Ability to think laterally and outside box approach

Teamwork skills to support colleagues and share the techniques with other team members

Exceptional analytical and critical thinking skills and the persistence to apply different techniques to get the job done

Business skills to understand the implications of Releasing software with security vulnerability

Enthusiastic about always keeping the product s quality bar at an extremely high level

Ability to work in a fast-paced agile work environment

Commitment to continuously update the technical knowledge base and current trends in security relevant to Ushur Products and Features

Engineering degree in a related field

• Certifications in Security Testing
• Exposure to defect management tools like JIRA
• Exposure to publishing articles, blogs related to security