DevSecOps Engineer (Testing)

Location Singapore
Job reference BBBH120786_1667203486
Salary Up to S$0.00 per annum
Consultant name Goel Navneet
Consultant email navneet.goel@experis.com.sg
Consultant contact no. 65515581
EA License No. 02C3423
Consultant Registration No. R1982194


We are seeking an experienced Application Security & Testing Engineer to be part of the QC for Client key digital products in the areas of ensuring quality, stability, and reliability of the systems.

JOB RESPONSIBILITIES

  • Define and build performance and functional test suites
  • Capture and update test results and status.
  • Monitor and Analyze test results, interpret performance metrics, pinpoint performance issue, and deliver summary reports
  • Perform test on performance, Load, Stress, and others.
  • Integrate tests into CI/CD pipeline.
  • Provide consultant and testing knowledge to project teams.
  • Work with Test team Project manager/owner to define scope & coverage of testing
  • Testcase design & construction
  • Monitor testing activities and progress.
  • Support in SIT and UAT
  • Provide and exercise End to End QA process knowledge
  • Assist with implementing and designing automated security checks within the CI/CD pipeline
  • Perform web & mobile application source code reviews using SAST tools
  • Perform web & mobile application security testing using DAST & API scanning tools
  • Evaluate and analyze threat, vulnerability, impact and risk to application security issues discovered from security testing or assessment
  • Advise Development team on the application security issues, including explanation on the technical details and how they can remediate the vulnerabilities in their application
  • Provide guidance and advisory to Development team to enable closure of findings surfaced from vulnerability assessment/penetration testing.
  • Assisted the Security team in related application threat investigation and prevention


QUALIFICATIONS AND EXPERIENCES

  • Degree in Information Technology, Computer Science, or any related.
  • Minimum 3 years of experience in Regression testing, load testing, stress testing, regression testing and others.
  • Good working knowledge of software development & testing life cycle.
  • Good practical knowledge of Jira, Confluence, and MS Office tools
  • Good knowledge in DevSecOps & CI/CD processes
  • Experienced in testing tools and methodology
  • Good understanding of Cloud technologies, familiarity with DevSecOps
  • Hands-on experience in at least two or more: AWS, Azure Cloud or on-premise Data Centre
  • Understanding on virtualization and container technologies (Docker, Kubernetes) would be an nice to have
  • interest in the field of information security, passionate about security, enjoy challenges and maintain up-to-date knowledge of available and emerging security threats and various security technologies
  • knowledge in application security testing, experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10, knowledge of securing APIs
  • Experience in Web and/or Mobile applications and common vulnerabilities
  • Knowledge of security in micro-services is beneficial
  • Experience with threat modelling would be an nice to have
  • Professional certifications such as CSSLP, OSCP, Fortify Certification would be an nice to have
  • Able to program or script
  • Familiarity with automated testing tools would be an nice to have
  • Familiarity with property sales platform and/or process would be an nice to have
  • Good written & verbal skills, able to communicate with all levels of management & staff

Goel