QA Engineer is responsible to certify the quality of the software products used across the organization. They are typically web applications that require manual and automation testing for functionality and performance. This is done through formulating effective test case, test plan; maintaining them and executing them. Good interpersonal skills are required for effective communication with the Business and Development teams.
Technical Skills:
Security Testing - OWASP ZAP, OWASP Dependency Check, Burp Suite, Splunk, Snyk
Job Overview:
We are looking for a skilled and proactive Security Tester to join our dynamic team. As a Security Tester, you will be responsible for identifying, analyzing, and mitigating security vulnerabilities in our applications and systems. You will leverage industry-standard tools such as OWASP ZAP, OWASP Dependency Check, Burp Suite, Splunk, and Snyk to perform comprehensive security testing and assessments.
Key Responsibilities:
- Perform security assessments of web applications, APIs, and software to identify vulnerabilities and weaknesses.
- Use tools like OWASP ZAP, Burp Suite, and Snyk to perform vulnerability scanning, penetration testing, and code reviews.
- Analyze and assess dependencies in the software stack using tools like OWASP Dependency Check and Snyk to identify known vulnerabilities.
- Monitor security logs and incidents using Splunk to detect anomalous behavior and potential threats.
- Develop and execute test cases for functional and non-functional security requirements.
- Identify, report, and track vulnerabilities, including providing detailed analysis, proof-of-concept exploits, and remediation recommendations.
- Collaborate with development teams to ensure security is embedded throughout the SDLC (Software Development Lifecycle).
- Stay up-to-date with emerging security threats, vulnerabilities, and technologies to proactively improve security posture.
- Participate in security reviews, code reviews, and risk assessments to ensure alignment with industry best practices.
Key Skills and Qualifications:
- Proven experience in security testing, vulnerability assessments, and penetration testing.
- Strong knowledge and hands-on experience with security tools such as OWASP ZAP, Burp Suite, Snyk, and OWASP Dependency Check.
Neudesic is an Equal Opportunity Employer
Neudesic provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by local laws.
Neudesic is an IBM subsidiary which has been acquired by IBM and will be integrated into the IBM organization. Neudesic will be the hiring entity. By proceeding with this application, you understand that Neudesic will share your personal information with other IBM companies involved in your recruitment process, wherever these are located. More Information on how IBM protects your personal information, including the safeguards in case of cross-border data transfer, are available here: https://www.ibm.com/us-en/privacy?lnk=flg-priv-usen