Senior Security Test Engineer

About The Position

Requirements

• 7+ years of professional experience in a security testing or security engineering role within a product company.
• Experience identifying and validating software security vulnerabilities in complex applications, including the ability to reproduce and verify findings.
• Deep understanding of secure SDLC best practices and processes.
• Experience with DAST, SCA, and API testing using tools such as Tenable Nessus, JFrog, and OWASP ZAP.
• Knowledge of networking technologies such as proxy servers and firewalls.
• Strong troubleshooting skills across Linux environments and full-stack applications.
• Scripting skills in Bash or Python for automation and diagnostics.
• Excellent interpersonal skills with the ability to work both independently and within a collaborative team environment.
• Strong written and verbal communication skills for engaging with customers and internal teams.
• Experience working in a matrixed, global organization, including coordination across time zones.
• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• A strong desire to learn, adapt, and grow in a fast-paced, customer-focused environment.

Nice To Haves

• Master’s degree in Computer Science or a related field.
• Experience using Jira, Confluence, and Xray for issue tracking and documentation.
• Familiarity with virtualization technologies such as VMware or Hyper-V.
• Programming experience in Python or C/C++.
• One or more ethical hacking or security certifications.
• Hands-on experience with backup technologies, storage systems, and data recovery processes.

Responsibilities

• Develop a best-in-class security testing strategy by combining deep security testing and SDLC expertise with an understanding of product architecture, customer use cases, and industry trends.
• Manage and execute product security scans at various parts of our SDLC, including DAST, SCA, API, and penetration testing.
• Perform security testing and analyze vulnerability findings to determine real-world exploitability, reproduce issues, separate false positives from actionable risks, and communicate remediation plans.
• Verify security fixes and confirm remediation effectiveness.
• Create clear and actionable security reports.
• Contribute to our SDLC with respect to security practices.
• Participate in threat modeling and security design discussions to identify potential risks early in the SDLC.
• Stay current with security testing trends and continuously monitor and evaluate new tools and technologies.
• Contribute in responding to customer and partner security inquiries.
• Coordinate with independent security testing teams.
• Monitor the CVE database and assess potential impacts to our products and customers.
• Deploy, configure, and maintain Index Engines products in lab environments for security testing.
• Provide detailed and well-documented updates in Jira tickets, including descriptions of testing performed, steps taken, and results observed.
• Collaborate closely with peers, sharing expertise and supporting team success and continuous improvement.

Benefits

• Competitive salary based on experience and qualifications
• Comprehensive health, dental, and vision benefits
• 401(k)
• Opportunities for professional development and certification support
• Collaborative team environment with a mission-driven culture
• Unlimited PTO
• Hybrid work schedule with WFH on Mondays and Fridays