To apply for this job you must first either login or register

QA Analyst, Application Security

Toronto, Ontario  - Contract



Job Description

The QA Analyst will be responsible for securing the Company by ensuring the ongoing development and continuous assessment of secure customer-facing products.

Responsibilities:
- Work directly with the Application Security team to rapidly test and deploy security fixes
- Work directly with the QA team to ensure best security practices are followed
- Build trust with and provide advice and feedback to the QA and development teams
- Collaborate to perform security risk analysis on Company’s software applications (newly built and existing components)
- Develop security test plans, procedures, automated test scripts and tooling that provides 100% coverage for identified security risks and regression
- Perform usability testing while ensuring user privacy concerns are addressed
- Work collaboratively with the DevOps team in order to plan, deploy and run automated tests in test environments
- Participate in product design reviews to provide input on functional requirements, product designs, schedules, or potential security risks
- Review product documentation to ensure technical accuracy, compliance and completeness


Must Have Skills:


Required Skills & Experience:
- Familiarity with OWASP Top 10
- Ability to debug software systems for security risks; familiarity with authentication schemes; thorough knowledge working with APIs
- Experience with server side technologies, preferably PHP and Java
- Experience with browser technologies – (JavaScript frameworks, HTML, CSS) – preferably ReactJS
- Strong test automation or software development in test experience
- Some experience in creating security centric test cases and tooling
- Experience with Agile development processes
- Excellent written and verbal communication skills
- Proven analytical, troubleshooting and problem solving skills
- Experience with SQL and NoSQL databases is an asset


Nice to Have Skills:


Other "nice to have" Experience:
- Past experience and ability to conduct software security testing using tools like WebInspect Acunetix suite and Fortify; or similar
- Some experience with ethical hacking and penetration testing
- Knowledge of conducting protocol, application and malware analysis
- Strong interpersonal and collaboration skills with the ability to build effective working relationships with internal and external stakeholders including senior management, peers and third parties
- Self-reliant, good problem solver, results oriented, excellent time management skills, good sense of humour
- Attention to detail
- Exceptional verbal and written communication skills
- Degree in Computer Science, Computer Engineering or related field
- GWAPT, GWEB, GPEN certification; or similar


Details:
Starting: ASAP
Dress Code: Casual
To apply for this job you must first either login or register