QA Security

About the Role

Security Test Engineer

Key Responsibilities

• Conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) on various API versions of mobile (Android/iOS) and web applications.
• Test backend code (SAST) to identify security vulnerabilities and risks.
• Retest vulnerabilities reported by external entities and validate the fix.
• Perform security testing on critical features/modules on various applications and platforms including Mobile/Web/KIOSK etc.
• Collaborate with development and QA teams across multiple countries and markets to ensure compliance with security standards.
• Document security findings, create detailed reports, and provide recommendations for remediation.
• Integrate security testing into the CI/CD pipeline to enable early detection and mitigation of vulnerabilities.
• Stay updated with emerging threats, vulnerabilities, and security trends relevant to mobile and web platforms.

Required Skills and Qualifications

• Minimum 3 years of experience in Security Testing, specifically performing SAST and DAST for mobile (Android/iOS) and web applications.
• Hands-on experience testing backend code using SAST tools.
• Experience working in multi-market, multi-country environments.
• Strong knowledge of security testing tools such as Burp Suite, OWASP ZAP, Fortify, Checkmarx, or similar.
• Familiarity with mobile app security testing methodologies and tools.
• Understanding of Single Sign-On (SSO) security principles and testing.
• Experience testing APIs and backend services (SAST & DAST).
• Strong communication skills and ability to collaborate with cross-functional teams globally.
• Knowledge of encryption, data protection, and secure coding practices.

Preferred Qualifications

• Certifications such as CEH, OSCP, or relevant security testing credentials.
• Experience with Agile and DevOps environments, including CI/CD pipeline integration.
• Knowledge of security compliance standards related to mobile and web applications.