We're looking for a Test Engineer to join one of our innovative clients in Seattle, WA, offering a fantastic hybrid opportunity. Local candidates are preferred, and if you're ready to make an impact in a dynamic environment, we can't wait to see your application!
Title: Test Engineer
Location: Seattle, WA (Hybrid)
Pay: $65-70 hourly
Duration: 12-month contract
The Test Engineer will conduct authorized security testing on complex, large-scale, and critical applications. The ideal candidate will be self-directed, thrive in a fast-paced team environment, and possess a solid understanding of various application security domains, including authentication, authorization, identity management, and cryptography.
Key Responsibilities:
- Collaborate with the development team to proactively identify security vulnerabilities (aligned with OWASP Top 10, SANS Top 25, CWE) early in the development cycle.
- Serve as a liaison between the InfoSec and development teams, ensuring security issues are communicated effectively for resolution.
- Present findings to leadership and development teams, providing insights on risk to facilitate informed decision-making on mitigations and controls.
- Stay updated on the evolving threat landscape and familiarize yourself with the latest security vulnerabilities impacting our applications.
Qualifications:
- 7 years of experience in software development/testing for large-scale enterprise applications (less experience may be acceptable for candidates with strong skillsets and quick learning abilities).
- Proven experience in manual and automated security testing of software.
- Strong knowledge of web application technologies, protocols (HTTP, HTTPS), and browser technologies.
- In-depth understanding of application security concepts, including Identity and Access Management (IAM) and various authentication methods (passwords, biometrics, OTP, etc.).
- Expertise in security testing tools (e.g., Fiddler, Burp Suite, static security code analysis tools).
- Familiarity with application security vulnerabilities, attack patterns (CAPEC), and relevant security frameworks.
- Bachelor’s degree in computer science or equivalent experience.
Desired Skills:
- Experience with security technologies and standards like Single Sign-On (SSO) using SAML/OpenID and OAuth protocols.
- Knowledge of cryptographic algorithms and standards, including symmetric/asymmetric techniques and digital signatures.
- Understanding cloud security vulnerabilities is a plus.
- Relevant security certifications are a bonus.
- Familiarity with threat modeling concepts and Secure Development Life Cycle processes.
- Knowledge of mobile application security is desirable.
Equal Opportunity Employer/Veterans/Disabled. To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit