Who are we? 

QA – Security Tester

Position Title: QA – Security Tester Job Level: P3

Reports To: AVP Quality Assurance

Department: IT Quality and Certification Has Direct Reports: No

Position Summary

Credit One Bank is looking for a Security Tester to join our QA team in Las Vegas This position will report into the QA Security Lead and is responsible for testing, analyzing scan results, reporting, and assisting with remediation of security vulnerabilities.

Summary Essential Job Functions

· Provide recommendations to update existing, or create new, processes and procedures based on industry best practice

· Stay current with in-depth technical knowledge of security testing tools

· Perform automated security testing, manual validation of automated results, and manual configurations

· Engage with testing stakeholders to gather all required information needed to create detailed test plans and test cases to anticipate potential vulnerabilities

· Conduct security testing using the provided automated testing tools in conjunction with manual configuration validation techniques

· Troubleshoot issues found and collaboratively work with development/infrastructure/SecOps to remediate

· Partner with IT infrastructure, application development and security engineers to fully expose any vulnerabilities in preproduction code/configurations

· Perform exploratory tests of target applications and systems

Core Competencies

· Bachelor’s degree in Computer Science, Information Technology, Information Security (IS) or related field

· Hands on security testing and experience with a variety of tools like Fortify, SonarQube, Appscan, Whitehat Sentinel (now BlackDuck), Now Secure

· At least three (3-5) years of experience performing security testing (Operating Systems, Databases, Network, Web Applications, and Mobile Applications)

· Understanding of software Quality Assurance and CI/CD process, test planning, and test execution

· Ability to analyze functional and technical requirements and extrapolate tests

· Ability to effectively communicate with peers and other departments

· Understanding of OWASP TOP 10

· Actively participates in and supports the software development life cycle and project management process.

· Quality - Demonstrates accuracy, thoroughness, and attention to detail. Always looks for ways to improve and promote quality; applies feedback to improve performance; monitors own work to ensure quality.

· Technical Skills - Pursues training and development opportunities; strives to continuously build knowledge and skills; shares expertise with others.

· Initiative - Seeks increased responsibilities and takes ownership of tasks at hand; looks for and takes advantage of opportunities.

· Teamwork - Balances team and individual responsibilities; exhibits objectivity and openness to others' views; gives and welcomes feedback; contributes to building a positive team spirit; puts the success of team above own interests; supports everyone's efforts to succeed.

· Planning and Organizing - Coordinates time and prioritizes tasks to ensure work is completed effectively.

· Decision Making - Compares data from different sources to draw conclusions and develop appropriate testing strategies.

· Communication - Clearly conveys information and ideas both verbally and written.

· Proficiency with cloud services (e.g.: OpenShift, Azure, AWS), modern JS frameworks (e.g.: React, Angular, NodeJS), SQL and NoSQL DBMS (e.g.: SQL Server, Postgres, Mysql, Redis, MongoDB), Object oriented development (e.g.: Java, Node.js, Go, Rust or .NET/C#), native and/or hybrid mobile development (e.g.: iOS, Android, PhoneGap, ionic), REST based microservice APIs, DevOps & CI/CD

Preferred

· 3-5 years of security testing experience in mid to large IT environments with Hands on experience

· Ability to perform effectively in a fast-paced environment

· Experience with Fortify, Sonarcube, OWASP Top 10, penetration testing, exploratory testing

· Security Certification (CISM, CISSP, etc)

Physical Requirements

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable

accommodations may be made to enable candidates with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to sit. However, the employee may choose to stand and move within cubicle area. The employee is frequently required to use hands to finger, handle, feel, talk and hear; reach with hands and arms. Must possess the ability to effectively hear and communicate. The employee is occasionally required to stand and walk. The employee must occasionally lift and/or move up to 2 pounds. Specific vision abilities required by this job include close vision, peripheral vision, depth perception and ability to adjust focus.

Based on the Fair Labor Standards Act (FLSA), management has analyzed this position and determined it to be exempt.

Compensation, Benefits and Duration

Minimum Compensation: USD 32,000

Maximum Compensation: USD 112,000

Compensation is based on actual experience and qualifications of the candidate. The above is a reasonable and a good faith estimate for the role.

Medical, vision, and dental benefits, 401k retirement plan, variable pay/incentives, paid time off, and paid holidays are available for full time employees.

This position is available for independent contractors

No applications will be considered if received more than 120 days after the date of this post