We are seeking an experienced Application Security & Testing Engineer to be part of the QC for Client key digital products in the areas of ensuring quality, stability, and reliability of the systems.

JOB RESPONSIBILITIES

• Define and build performance and functional test suites
• Capture and update test results and status.
• Monitor and Analyze test results, interpret performance metrics, pinpoint performance issue, and deliver summary reports
• Perform test on performance, Load, Stress, and others.
• Integrate tests into CI/CD pipeline.
• Provide consultant and testing knowledge to project teams.
• Work with Test team Project manager/owner to define scope & coverage of testing
• Testcase design & construction
• Monitor testing activities and progress.
• Support in SIT and UAT
• Provide and exercise End to End QA process knowledge
• Assist with implementing and designing automated security checks within the CI/CD pipeline
• Perform web & mobile application source code reviews using SAST tools
• Perform web & mobile application security testing using DAST & API scanning tools
• Evaluate and analyze threat, vulnerability, impact and risk to application security issues discovered from security testing or assessment
• Advise Development team on the application security issues, including explanation on the technical details and how they can remediate the vulnerabilities in their application
• Provide guidance and advisory to Development team to enable closure of findings surfaced from vulnerability assessment/penetration testing.
• Assisted the Security team in related application threat investigation and prevention

QUALIFICATIONS AND EXPERIENCES

• Degree in Information Technology, Computer Science, or any related.
• Minimum 3 years of experience in Regression testing, load testing, stress testing, regression testing and others.
• Good working knowledge of software development & testing life cycle.
• Good practical knowledge of Jira, Confluence, and MS Office tools
• Good knowledge in DevSecOps & CI/CD processes
• Experienced in testing tools and methodology
• Good understanding of Cloud technologies, familiarity with DevSecOps
• Hands-on experience in at least two or more: AWS, Azure Cloud or on-premise Data Centre
• Understanding on virtualization and container technologies (Docker, Kubernetes) would be an nice to have
• interest in the field of information security, passionate about security, enjoy challenges and maintain up-to-date knowledge of available and emerging security threats and various security technologies
• knowledge in application security testing, experience with OWASP Testing Guide v3 / 4 and OWASP TOP 10, knowledge of securing APIs
• Experience in Web and/or Mobile applications and common vulnerabilities
• Knowledge of security in micro-services is beneficial
• Experience with threat modelling would be an nice to have
• Professional certifications such as CSSLP, OSCP, Fortify Certification would be an nice to have
• Able to program or script
• Familiarity with automated testing tools would be an nice to have
• Familiarity with property sales platform and/or process would be an nice to have
• Good written & verbal skills, able to communicate with all levels of management & staff

Goel Navneet License No.: 02C3423 Personnel Registration No.: R1982194

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-policy