QA Engineer – Security

  • Remote
  • Anywhere

What We Offer:

  • Canteen Subsidy
  • Night Shift allowance as per process
  • Health Insurance
  • Tuition Reimbursement
  • Work-Life Balance Initiatives
  • Rewards & Recognition

What you will be doing:

  • Plan and perform advanced security tests and assessments against web apps, APIs, mobile apps and related infrastructure hosted on AWS.
  • Conduct threat modelling and attack surface analysis (web, API, authentication, serverless, IAM, network).
  • Execute reconnaissance, advanced vulnerability discovery and verification using manual techniques and automated tooling.
  • Test and assess AWS controls: IAM roles/policies, VPC configuration, security groups, S3, Lambda, API Gateway, EKS/ECS, CloudFront, KMS, etc.
  • Produce clear, prioritized reports: technical findings, risk ratings, PoC steps, and remediation guidance.
  • Work with engineering to reproduce, prioritize, and verify fixes; validate mitigations.
  • Build and maintain automated security tests and CI/CD gates (SAST/DAST/IAST/Dependency scanning).
  • Maintain and evolve security-assurance playbooks, checklists, and internal knowledge (runbooks for common classes).
  • Keep abreast of emerging attack techniques, CVEs, and AWS service changes.
  • Occasionally support incident response and post-mortem activities.
  • Ability to understand process and prepare SOPs as and when required.

What we expect you to have:

  • 4+ years of experience in application and API security assurance or advanced QA for web and cloud environments.
  • Strong knowledge of common web and API security risks and controls (authentication, authorization, data exposure, injection, etc.).
  • Practical experience testing REST / GraphQL APIs (fuzzing, intercepting, schema abuse, auth bypass).
  • Familiar with AWS services and common secure/insecure configurations (IAM, S3, Lambda, API Gateway, VPC, security groups, CloudTrail).
  • Expertise with advanced security testing tools such as Burp Suite (Pro preferred), OWASP ZAP, Nmap, Nikto, sqlmap, Metasploit, Hydra, etc.
  • Experience with vulnerability scanners (Nessus, OpenVAS) and dependency scanners (Snyk, Dependabot, OWASP Dependency-Check).
  • Comfortable writing PoCs (curl, Python, Node scripts) and proving exploits safely in test environments.
  • Experience building automated security checks into CI/CD (GitHub Actions, GitLab CI, Jenkins, or similar).
  • Good scripting skills (Python, Bash, or similar).
  • Strong written and verbal communication — can turn technical findings into actionable remediation.
  • Experience with the Vanta platform for security audits.

EDUCATION and/or EXPERIENCE:

  • Bachelor’s degree or equivalent, or 4+ years of experience in security assurance, application security testing, or related fields.
  • Experience with web apps, APIs, mobile apps and AWS is required.

LANGUAGE SKILLS:

  • Ability to read, analyze, and interpret business and technical documents.
  • Strong written and verbal communication skills.
  • Ability to present to senior leadership and external partners.

WORK ENVIRONMENT:

  • Primarily remote. May involve coordination across multiple time zones and working from the office as needed.

To apply for this job email your details to hiren.vaddoriya@etechtexas.com

Job Title : QA Engineer – Security
Department : Product Development
Location : Gandhinagar
Schedule & Shift : UK Shift (12:30 PM or 1:30 PM - Rotational)