QA Analyst

Senior QA Engineer

Ref: 3414| Posted: 22nd Sep 2020

Senior QA Engineer (Security & Architecture) – Horsham – up to £60,000 plus excellent benefits

Our client is a leading Financial Services FinTech company who are actively seeking an experienced QA Engineer to work within their security and architecture team reporting into the Lead QA.

Overall Purpose of the Job:

The overall purpose is to ensure quality for application security and architectural changes made to our suite of applications, built in .NET or React Typescript. You will play a key role in ensuring an excellent security posture across the system and related applications.

The work is varied (analysing requirements, contributing to overall delivery quality, writing test cases, building/extending automated regression packs), challenging, fast-paced and rewarding. Being a robust, proactive quality gate within an Agile team.


Key Activities & Responsibilities:

  • Working closely with the Architecture team to add repeatable quality assurance to improved, new, and cross-cutting-concern implementations.
  • To monitor and review security vulnerabilities across the application suite and contribute to their resolution.
  • Play a key role in keeping quality assurance up to date with regards to the latest security and identity trends.
  • Being involved when external penetration tests are performed and help analyse and raise bugs
  • Analysing and helping to shape requirements
  • Test planning, scripting (both manual and automated) and reviews
  • Execution of tests to support sprint goals and deployments
  • Act as a subject matter expert for the project area being worked on
  • Document and coach on approaches for testing common/related security flaws
  • Driving quality across the SCRUM team and the wider delivery community
  • To stand in as the Lead QA when / if required


Required Skills/Experience:

  • Experience of application security concepts, including but not limited to the latest OWASP Top 10 and common best-practices for mitigating against such attacks.
  • Experience of introducing Automated Security testing tools and techniques into a CI/CD Pipeline
  • Experience of modern authentication and authorisation protocols, such as OpenID Connect and OAuth2.0
  • Experience with good development practices (repository management tools (git), versioning, clean code, package management)
  • Ability to create automation frameworks in multiple languages (.Net and Typescript). Writing tests for web applications, RESTful API services and Pub/Sub in code.
  • Experience of leading projects within a small group
  • Test execution and planning
  • Stakeholder Management
  • Exposure to relevant testing tools (Fiddler, Charles Proxy, OWASP ZAP, Burp Suite for example)
  • Working within an Agile methodology (e.g. SCRUM, Kanban)
  • Strong written and presentational skills


Desirable Skills/Experience:

  • CEH, CREST or OSCP certification or an interest in obtaining
  • Information Security and/or Information Technology industry certification (CISA, CISSP, CISM or equivalent) or an interest in obtaining
  • Foundation ISTQB/ISEB
  • Financial Services
  • Working within the SAFe methodology
  • ASP.NET, ReactJS, Selenium
  • Jira or similar


Personal characteristics:

  • Open and honest
  • Excellent analytical skills
  • Strong interpersonal skills – able to work well with others
  • Proactive and willing to take on additional responsibilities when there are clear resource gaps
  • Outcome focused
  • Highly motivated with an attention to detail
  • Ability to manage tasks and workload – doing own work whilst supporting others
  • Should be adaptable to shifting priorities and changing circumstances
  • Should embrace mentoring, and learning from others

Please apply to the by role submitting you're most up to date CV. If your application is successful, we will be in touch within 2 working days of receiving your job application to discuss the opportunity in more detail.

Due to the overwhelming application response, should you not hear from us within 5 working days then please assume that your application has been unsuccessful.