Remote Scouter

The Security Quality Engineer will be vital in integrating security within our Quality Engineering processes, with a focus on vulnerability management, compliance, and secure testing practices in support of our Practice Management and Fintech platform. This role will work closely with the Security Engineer to remediate vulnerabilities and ensure that security best practices are embedded in testing strategies. Additionally, the Security Quality Engineer will audit test cases in TestRail, participate in red team exercises, and collaborate with the Platform Engineering/SRE team to enhance the security posture of the infrastructure through effective testing and monitoring practices in support of our practice management platform.

What You'll Do:

1. Security Testing, Validation, and Red Team Involvement
• Conduct comprehensive security assessments and validate the remediation of issues identified by the Security Engineer, ensuring thorough testing of vulnerabilities and security controls, including Intrusion Detection Systems (IDS).
• Participate in red team activities to proactively identify security gaps, contributing insights to improve overall security measures and response capabilities.
• Authors and audits test cases in Test Rail across product feature teams for relevant security coverage.
• Works closely with SDET team to automate security-specific tests for inclusion in CI/CD pipeline where appropriate.
2. Audit and Compliance Support
• Audit and refine test cases in TestRail, ensuring that security considerations are consistently applied and validated against compliance frameworks (ie, SOC 2, PCI-DSS).
• Collaborate with the Platform Engineering/SRE team to ensure that security testing aligns with operational practices and compliance requirements.
3. Training and Security Best Practices for the QE Team
• Develop, deliver, and maintain training documentation and presentations to educate the QE team on secure testing methodologies, promoting the integration of security practices into testing workflows.
• Mentor QE team members to foster a security-focused culture, enhancing awareness of secure coding and testing principles.

About You:

• Bachelor’s degree in Information Security, Computer Science, or related field or equivalent work experience.
• 3+ years of experience in security testing within a quality engineering environment
• Familiarity with Test Rail, Tricentis QTest or other Test Management Tools.
• Proficiency in scripting, preferably in Python.
• Understanding of standard security testing tools and frameworks (ie, OWASP, NIST).
• Experience with PCI DSS and related compliance standards
• Strong understanding of TCP/IP Networking, Intrusion Detection Systems, firewalls, etc.
• Understanding of Cryptography and how it pertains to data security
• Experience working within an Agile environment

Soft Skills:

• Excellent communication skills for effectively conveying security concepts to the QE team and other stakeholders.
• Detail-oriented with strong analytical capabilities to maintain audit-compliant documentation and secure testing practices.

Additional Information

The annual salary range for this position is $120,000 to $150,000 per year. The salary range for performing this role outside of the US / Austin / California may differ.  AffiniPay is committed to offering competitive, fair and commensurate compensation and has provided an estimated pay range for this role. Actual compensation may vary based on job-related knowledge, skills, experience and education.