QA Engineer in Scottsdale, AZ at DISYS

Date Posted: 11/9/2018

Job Snapshot

Job Description

Job Title: QA Engineer

Location:  Scottsdale, AZ

Duration:  Full Time Position

Position Description

The Quality Engineering Security Specialist is responsible for leading the evaluation and testing the security and compliance of software solutions. Provides leadership in the development of QA processes and procedures. Candidates will be a part of the software quality assurance team for any internal or external application development projects.

Key Responsibilities

•        Work closely with application development and platform teams to help formulate and implement a testing strategy for software security that is tailored to the specific risks facing the organization, including threat modelling and applications security advisement services.

•        Develop and maintain a balanced application security testing program based on a well-defined application security framework.

•        Conduct application security assessments/penetration tests and reuse tools for dynamic/automated code reviews.

•        Able to advise risks in the program and testing activities and propose mitigation plans for encountered risks

•        Able to prioritize work around security testing based on business priorities

•        Continuously evaluate the organization's existing application security practices, define and measure security-related activities, and demonstrating concrete improvements to the application assurance program within the organization.

•        Provide secure application development training to developers and provide guidance on the development of web-based training for ongoing awareness.

•        Conduct Application, API and penetration testing.

•        Work with Developers to Develop and maintain unit and integration tests designed to ensure security controls are tested on every build.

•        Partner with Company Security team to evaluate and perform Root cause analysis on Security Scan reports, understand what remedial actions are needed with development teams and ensure vulnerabilities are closed with highest priority and attention

•        Partner with development teams to work together on application, API testing and have Security tests run in parallel to ensure Dynamic testing is achieved from Security standpoint

•        Have Security test requirements Embedded in the Product development life cycle

Qualifications:

 
Minimum Requirements

•        6+ years’ experience in software and/or program testing

•        4-year College Degree or equivalent in Computer Science or equivalent experience

 

Critical Skills

•        7+ years of strong coding experience, must have strong experience coding in at least one programming language.

•        7+ years’ Experience with REST and SOAP service endpoints

•        5+ years Strong understanding of general web technologies and distributed/web-based SaaS architecture

•        7+ years testing experience with (or similar) tools – Appscan, Fortify, Veracode, Burp Suite, Metasploit, OWASP.

•        7+ years Full stack experience with an understanding of web servers, application servers, databases – SQL or No SQL, Distributed messaging frameworks and various network protocols.

•        5+ years ability to understand, review, and recommend corrections related to vulnerability scans and penetration tests.

•        5+ years ability to provide feedback to development teams by performing vulnerability assessments and security assessments.

•        Working knowledge of MS Windows Product Suite (MS-Project, MS-Visio, MS-Excel, MS-PowerPoint, and MS-Word).

 

Additional Knowledge & Skills

•        Healthcare background a plus.

•        Experience working in a CI/CD environment is desired

•        Very strong troubleshooting, debugging and analysis skills.

•        Familiarity with Risk Based testing concepts

•        Strong understanding of OO concepts and data structures

•        Understanding the workings of JavaScript, Java, and SQL

•        Experience testing software for: Confidentiality, Integrity, Authentication, Authorization, Availability, and Non-repudiation.

•        Troubleshooting and diagnosing application faults.

•        Familiarity with SAFE Agile, UML, Object Oriented Programming (OOP) and XML

•        ISTQB or CompTIA Security+ Certification highly desired

•        Certification in Software testing or IT Security is highly desired.


Physical Requirements

•        General Office Demands

•        Occasional travel may be required.

•        Candidate may be asked to work overtime occasionally.

•        They must be flexible for various project assignments whenever needed.


Benefits & Company Statement
We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

Job Requirements

Minimum Requirements

•        6+ years’ experience in software and/or program testing

•        4-year College Degree or equivalent in Computer Science or equivalent experience

 

Critical Skills

•        7+ years of strong coding experience, must have strong experience coding in at least one programming language.

•        7+ years’ Experience with REST and SOAP service endpoints

•        5+ years Strong understanding of general web technologies and distributed/web-based SaaS architecture

•        7+ years testing experience with (or similar) tools – Appscan, Fortify, Veracode, Burp Suite, Metasploit, OWASP.

•        7+ years Full stack experience with an understanding of web servers, application servers, databases – SQL or No SQL, Distributed messaging frameworks and various network protocols.

•        5+ years ability to understand, review, and recommend corrections related to vulnerability scans and penetration tests.

•        5+ years ability to provide feedback to development teams by performing vulnerability assessments and security assessments.

•        Working knowledge of MS Windows Product Suite (MS-Project, MS-Visio, MS-Excel, MS-PowerPoint, and MS-Word).

 

Digital Intelligence Systems, LLC. is an Equal Opportunity Employer, M/F/D/V. We do not discriminate against any employee or applicant because they inquired about, discussed, or disclosed compensation. Email recruitinghelp @ disys.com to contact us if you are an individual with a disability and require accommodation in the application process.