Have development experience within a testing environment? Proficient in mentoring developers on secure coding? Skilled in Burp Suite Pro? We’re looking for an expert collaborator with an Agile background to join our team as a Security Test Engineer II, where you’ll be responsible for application development, coaching and mentoring colleagues on security tools, and preparing and executing security test cases for projects and features driven by the Product Management Council.
In addition to performing application security engineering, you’ll be responsible for manual and automated penetration testing of features scheduled for release, and will serve as a subject matter expert on our Secure Software Development Lifecycle. If you’re a top-notch communicator who wants to work on pilot programs, gain exposure to different technologies and mentor others within our organization, let’s chat!
• Responsible for Manual Functional, Security, and Regression testing of features scheduled for release
• Creates and maintains the Test Case Library, which can be run before every release by level II test engineers.
• Helps set up test data or test environment for running test cases.
• Reviews and verifies bug tickets within internal Bug Tracking Tool.
• Creates and tracks defects in the bug tracking tool effectively.
• Troubleshoots and helps address Security production tickets when routed to QA
• Monitors project/feature implementation with an eye toward improving security.
• Performs penetration and vulnerability assessments against projects/features, as necessary, and follow up to ensure that findings are properly addressed.
• Manages the iCIMS third party Security Testing for monitoring, creation and validation of security bugs.
• Prepares documentation for enabling “Test Labs” for agile teams
• Supports training and mentoring level I test engineers with iCIMS products and features as needed.
• Consistently ensures that business is conducted with integrity at all times and that behavior aligns with iCIMS policies, procedures, and core competencies
• Minimum of 4 years of software testing experience of web based products. Must be familiar with entire Software Development Life Cycle process
• 2+ years of specialized security testing, techniques and tools
• Must be familiar with static and dynamic code analysis methodologies and processes
• Exposed to various automated tools for Security.
• Strong analytical and problem solving skills
• Strong communication & interpersonal skills
• Self-motivated, able to learn and research issues independently
• Proficient in a Windows and MS-SQL environment
• Ability to apply risk based methodologies to information security issues
• Experience with vulnerability management tools similar to or such as Nessus, Rapid7, Qualys, Burpsuite, Saint, etc.
• Ability to leverage frameworks and standards such as SANS, NIST, ISO, and OWASP.
iCIMS is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, protected veteran status, disability status or any other characteristic protected by law.