D-TechWorks - Security QA Engineer

Job Title : Security QA : : Engineering / QA / To : QA Manager / Security Lead / Engineering Manager Must Have Skills : 3+ years of experience in software QA, with at least 12 years focused on security testing Job Summary We are seeking a detail-oriented and technically skilled Security QA Engineer to join our quality assurance and security teams. In this role, you will be responsible for designing, implementing, and executing tests to identify security vulnerabilities and ensure that software meets security standards and compliance requirements. You will collaborate closely with developers, DevOps, and InfoSec teams to proactively secure applications and Responsibilities : Design, develop, and maintain automated and manual test cases with a focus on security. Perform static and dynamic application security testing (SAST/DAST). Identify, document, and track security-related defects and work with engineering teams for remediation. Conduct threat modeling and risk assessments as part of the software development lifecycle. Validate fixes and patches for known vulnerabilities. Assist in integrating security testing tools (e.g., OWASP ZAP, Burp Suite, SonarQube) into CI/CD pipelines. Stay current with security best practices, industry trends, and vulnerability databases (e.g., CVE, NVD). Collaborate with QA, DevSecOps, and security analysts to promote secure development practices. Participate in code reviews and assist in the development of secure coding Qualifications : Bachelors degree in Computer Science, Information Security, or a related field. 3+ years of experience in software QA, with at least 12 years focused on security testing. Knowledge of application security principles, common vulnerabilities (OWASP Top 10), and secure SDLC. Experience with automated testing tools and frameworks (e.g., Selenium, JUnit, pytest). Proficient in scripting or programming languages such as Python, Java, or JavaScript. Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI) and DevOps practices. Experience with penetration testing or working with security assessment Qualifications : Security certifications (e.g., OSCP, CEH, GWAPT, CISSP). Experience with cloud security (AWS, Azure, GCP). Knowledge of regulatory standards (e.g., GDPR, HIPAA, PCI-DSS). Familiarity with container security (Docker, Kubernetes) and IaC security tools (e.g., Checkov, Terraform Sentinel). (ref:hirist.tech) Show more Show less