Our Client is seeking a Senior Software Design Engineer in Test (SDET) to join their Engineering Productivity Team. This role will be responsible for designing and architecting security and performance framework, infrastructure, and tools to support the diverse quality organization. The ideal candidate will be a technical leader with excellent analytical and problem-solving skills, who works collaboratively with the scrum teams to assure the highest member service experience.
- Solid understanding of security testing process to identify flaws in security of Information System that protect data and maintain functionality and collaborate with team to fix the vulnerabilities.
- Configure, run, and monitor automated security testing jobs
- Generate security testing reports, perform validation and assessment of vulnerabilities
- Design and implement framework for security test automation and tools to provide feedback on quality as part of our Continuous Integration and Testing
- Help with developing performance scripts, execute tests, benchmark to previous executions, analyze and report results
- Troubleshoot issues across the entire stack of hardware, software, application, and network
- Collaborate with development team on resolution of issues that negatively impact performance to help building scalable and robust product
- Research industry trends and technologies, and promote adoption of best-in-class tools and technologies
- 5+ years’ experience security testing large scale web applications
- Strong understanding of fundamental Application and Infrastructure Security concepts, including common types of attacks and exploitation techniques.
- Solid Experience with various application security tools (Example—ZAP, Fortify, Sonatype, and AppScan)
- Previous experience with performance scripting and execution using JMeter is a strong plus
- Proficient with following tools: Jenkins, Splunk, SoapUI, Fiddler, Nessus, JVM, and SQL Server
- Experience with vulnerability and penetration testing techniques and tools
- Knowledge of TCP/IP networking (proxies, firewalls, etc.), and common web technologies (HTTP, REST, Web Services, XML/XPath, etc.).
- Knowledge of security analysis tools and full understanding of non-functional testing
- Understanding of typical multi-tier application architecture (presentation, logic, data)
- Proactive attitude, strong problem solving and decision-making skills
- Proven ability to drill down into results and complete deep-dive root-cause analysis
- Knowledge of database servers, web-servers, application servers, and load balancer
- Ability to perform profile/baseline, load, and stress testing
- Appreciation for CI/CD and DevOps
- Tomcat/Apache knowledge
- Travel industry knowledge
- Ability to work independently and collaboratively within a close team environment.