Senior Security & Test Automation Engineer

We are looking for a hands-on Senior Security & Test Automation Engineer to help strengthen our software delivery lifecycle through automation, application security, and engineering best practices.

This role sits at the intersection of security engineering, quality engineering, and DevSecOps. You will work closely with software engineers, platform teams, and product teams to improve release confidence, automate testing, identify security risks early, and drive secure software delivery practices.

What You'll Be Doing

Test Automation & Quality Engineering

• Design, build, and maintain automation frameworks for web, API, and backend systems
• Integrate automated testing into CI/CD pipelines
• Improve regression coverage and release quality
• Develop tools and utilities to improve test execution and reporting
• Evaluate new testing and security technologies through proof-of-concepts
• Establish engineering standards and best practices for automation
• Support production readiness and release validation activities

Security Engineering & Vulnerability Management

• Identify, triage, and remediate vulnerabilities across applications, cloud environments, and infrastructure
• Integrate security testing into CI/CD pipelines (SAST, DAST, SCA, container scanning)
• Detect and remediate cloud security risks and misconfigurations
• Promote secure coding practices and shift-left security principles
• Support PCI-DSS, internal security reviews, and compliance initiatives
• Implement and support secrets management and access controls
• Monitor applications and infrastructure for security issues and anomalies
• Drive patching, remediation, and hardening activities
• Participate in incident response, troubleshooting, and root cause analysis

• Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience)
• 3+ years of experience in security engineering, test automation, or related roles
• Experience building automation frameworks using tools such as Selenium, Playwright, Cypress, or Rest Assured
• Strong experience with CI/CD platforms such as Jenkins, GitHub Actions, GitLab CI, or Azure DevOps
• Experience with security testing tools such as Snyk, Burp Suite, OWASP ZAP, or similar platforms
• Proficiency in Java, Python, or JavaScript
• Strong understanding of application security fundamentals and OWASP Top 10 vulnerabilities
• Experience working with AWS and/or Azure cloud environments

Preferred Qualifications

• Experience with PCI-DSS, SOC 2, ISO 27001, or similar compliance frameworks
• Experience with Vault, AWS Secrets Manager, or similar secrets management solutions
• Experience with Docker and Kubernetes
• Security certifications such as Security+, CISSP, or cloud security certifications