Jobs · Information Technology · New Jersey

Senior Security Test Engineer

Index Engines · Holmdel, NJ · 2 mo ago
HybridInformation TechnologyFull-time

About the role

We are seeking an experienced and driven Senior Security Test Engineer to join our Engineering team. This role involves developing a best-in-class security testing strategy, managing and executing product security scans, analyzing vulnerability findings, creating security reports, and contributing to improving security processes and metrics.

Responsibilities

  • Develop a best-in-class security testing strategy by combining deep security testing and SDLC expertise with an understanding of product architecture, customer use cases, and industry trends.
  • Manage and execute product security scans at various parts of our SDLC, including DAST, SCA, API, and penetration testing.
  • Perform security testing and analyze vulnerability findings to determine real-world exploitability, reproduce issues, separate false positives from actionable risks, and communicate remediation plans.
  • Verify security fixes and confirm remediation effectiveness.
  • Create clear and actionable security reports.
  • Contribute to our SDLC with respect to security practices.
  • Participate in threat modeling and security design discussions to identify potential risks early in the SDLC.
  • Stay current with security testing trends and continuously monitor and evaluate new tools and technologies.
  • Contribute in responding to customer and partner security inquiries.
  • Collaborate closely with independent security testing teams.
  • Monitor the CVE database and assess potential impacts to our products and customers.
  • Deploy, configure, and maintain Index Engines products in lab environments for security testing.
  • Provide detailed and well-documented updates in Jira tickets, including descriptions of testing performed, steps taken, and results observed.
  • Collaborate closely with peers, sharing expertise and supporting team success and continuous improvement.

Requirements

  • 7+ years of professional experience in a security testing or security engineering role within a product company.
  • Experience identifying and validating software security vulnerabilities in complex applications, including the ability to reproduce and verify findings.
  • Deep understanding of secure SDLC best practices and processes.
  • Experience with DAST, SCA, and API testing using tools such as Tenable Nessus, JFrog, and OWASP ZAP.
  • Knowledge of networking technologies such as proxy servers and firewalls.
  • Strong troubleshooting skills across Linux environments and full-stack applications.
  • Scripting skills in Bash or Python for automation and diagnostics.
  • Excellent interpersonal skills with the ability to work both independently and within a collaborative team environment.
  • Strong written and verbal communication skills for engaging with customers and internal teams.
  • Experience working in a matrixed, global organization, including coordination across time zones.
  • Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • A strong desire to learn, adapt, and grow in a fast-paced, customer-focused environment.

Preferred Qualifications

  • Master’s degree in Computer Science or a related field.
  • Experience using Jira, Confluence, and Xray for issue tracking and documentation.
  • Familiarity with virtualization technologies such as VMware or Hyper-V.
  • Programming experience in Python or C/C++.
  • One or more ethical hacking or security certifications.
  • Hands-on experience with backup technologies, storage systems, and data recovery processes.

Similar jobs