QA Automation and Security Test Architect

Job ID: 21-14390 Top must haves are: • 5+ years of experience as Automation Architect and doing web application security testing as per OWASP standards • 5+ years of experience designing, developing and executing Automation Scripts using Selenium • Ability to provide application security risk assessment of technologies stack used in cloud or web applications. TECHNICAL KNOWLEDGE AND SKILLS: • 5+ years of experience as an Automation Architect and doing web application security testing as per OWASP standards • 5+ years of experience designing, developing and executing Automation Scripts using Selenium • Knowledge and experience in other Automation tools (like QTP, Rational Robot, AutoIT) • Understanding and working knowledge with Data Driven, Keyword Driven and Hybrid frameworks • Knowledge of Defect Management Tool (Quality Center, JIRA) • Exploit application security flaws and vulnerabilities with attack simulations on multiple projects working against specific client-focused scopes of work. • Ability to provide application security risk assessment of technologies stack used in cloud or web applications. • Ability to perform application vulnerability assessments or application penetration testing, utilizing tools commercial and open source tools. • Perform, review and analyze security vulnerability data to identify applicability and false positives. • Create risk based security code reviews (Static, Dynamic and Interactive). • Conduct application security testing in line with OWASP (Open Web application Security Project) • Mentor junior engineers to build their skills and contribution levels • Write technical reports that include suggested resolution for identified problem areas and perform operational risk assessment. • Perform Proof of Concept testing and do evaluation of new security technologies and tools. • Assist and support Security Test Analysts as they perform vulnerability, network and network security assessments. • Experience DevOps tools like DynaTrace, Chef, Splunk and Vagrant. • Experience with scripting languages (e.g. python, PERL, SQL) a plus • Ability to perform below tasks: o Dynamic Application Security Testing (DAST) o Static Application Security Testing (SAST) o Interactive Application Security Testing (IAST) o Web Application Penetration Testing o Product Security Testing o Cloud Application Security Testing o Web Services Security Testing o Security Code Review o Network Security Assessment • Application Security Testing Tools: VeraCode, Synopsys, Contrast IAST, Burp Suite, Tamper Data, Live http Headers, Client Fortify, VeraCode, OWASP Top 10, N-Stealth, Hailstorm, Paros, SANS Top 20, Acunetix, Nessus • Fast learning, problem solving and analytical skills • Excellent communication, presentation, and interpersonal skills • Track record of good time management • Efficient in effort estimation, planning and prioritization • Ability to understand Business Requirements and transform them to functional units • Knowledge of SDLC and implementation • Knowledge of SoapUI • Proficiency in Java language • Proficiency in SQL

Created: 2026-03-04