Security Quality Engineer

Summary

Join AffiniPay as a Security Quality Engineer and play a vital role in integrating security into our Quality Engineering processes. You will conduct security assessments, participate in red team exercises, audit test cases, and collaborate with other teams to enhance our security posture. This role involves developing security training for the QE team and ensuring compliance with frameworks like SOC 2 and PCI-DSS. The ideal candidate possesses a Bachelor's degree in a related field, 3+ years of experience in security testing, and proficiency in scripting and security testing tools. AffiniPay offers competitive compensation, comprehensive benefits, and a supportive work environment.

Requirements

• Bachelor’s degree in Information Security, Computer Science, or related field or equivalent work experience
• 3+ years of experience in security testing within a quality engineering environment
• Familiarity with Test Rail, Tricentis QTest or other Test Management Tools
• Proficiency in scripting, preferably in Python
• Understanding of standard security testing tools and frameworks (ie, OWASP, NIST)
• Experience with PCI DSS and related compliance standards
• Strong understanding of TCP/IP Networking, Intrusion Detection Systems, firewalls, etc
• Understanding of Cryptography and how it pertains to data security
• Experience working within an Agile environment
• Excellent communication skills for effectively conveying security concepts to the QE team and other stakeholders
• Detail-oriented with strong analytical capabilities to maintain audit-compliant documentation and secure testing practices

Responsibilities

• Conduct comprehensive security assessments and validate the remediation of issues identified by the Security Engineer, ensuring thorough testing of vulnerabilities and security controls, including Intrusion Detection Systems (IDS)
• Participate in red team activities to proactively identify security gaps, contributing insights to improve overall security measures and response capabilities
• Authors and audits test cases in Test Rail across product feature teams for relevant security coverage
• Works closely with SDET team to automate security-specific tests for inclusion in CI/CD pipeline where appropriate
• Audit and refine test cases in TestRail, ensuring that security considerations are consistently applied and validated against compliance frameworks (ie, SOC 2, PCI-DSS)
• Collaborate with the Platform Engineering/SRE team to ensure that security testing aligns with operational practices and compliance requirements
• Develop, deliver, and maintain training documentation and presentations to educate the QE team on secure testing methodologies, promoting the integration of security practices into testing workflows
• Mentor QE team members to foster a security-focused culture, enhancing awareness of secure coding and testing principles

Benefits

• All employees receive fully covered medical, dental and vision coverage - Choose from our 2 available health plans based on what fits you and/or your family!
• Have some fur babies? - We offer them insurance too!
• RELAX and enjoy your time away with our flexible paid time off policy!
• We will help you plan for your future - 401K, or RRSP if in Canada, with a company match
• Competitive compensation packages that include mid-year and end-of-year bonuses and equity options for all full-time employees
• Health Wellness Program that includes nutrition consultations, mental health apps, and access to discounted memberships
• Have plans to grow your family? - Parental resources, including 16 weeks of paid time off for primary caregivers
• Professional development opportunities including mentorships, leadership programs and our AffiniPayU courses
• We believe it is important to give back with our Matching Gift Program and organized activities focused on donations, volunteerism and supporting the local communities throughout the country
• D&I initiatives provide educational opportunities regarding multicultural issues, tolerance, and celebrating diversity among our entire staff
• An incredible, in-office experience at our headquarters in Austin and San Diego including free lunch delivery, a fully stocked kitchen, and some “sweet” surprises for those afternoon pick-me-ups