QA Engineer Security & Access Control Testing

QA Engineer Security & Access Control Testing

Posted 6 days ago by 1760515268

Apply
Negotiable
Outside
Remote
USA
Apply
Access Controls Appian (Software) Authentications Authorisation (Computing) Automation Business Planning Business Process Monitoring (BPM) Continuous Integration and Continuous Delivery Information Systems Security Java (Programming Language) Microsoft Word Open Web Application Security Project (OWASP) Powerapps Privilege Escalation Python (Programming Language) Salesforce Scripting Security Testing Selenium (Software) Stakeholder Management Test Automation Test Suite Verification And Validation Workflow Automation Workflows

Summary: Client is seeking a QA Engineer with expertise in security testing, particularly in permissions and access control validation. The role involves ensuring systems enforce correct user roles and access boundaries while collaborating with various stakeholders to design and automate test plans that mitigate security risks. The position is remote and focuses on both low-code/no-code platforms and custom-built solutions. The ideal candidate will have a strong background in QA engineering with a focus on security testing.

Key Responsibilities:

  • Develop, maintain, and execute test plans for access control, permissions, and workflow security.
  • Partner with Infosec, Product, and Engineering teams to define security testing requirements and acceptance criteria.
  • Perform manual and automated security testing of role-based access controls, authentication flows, and authorization rules.
  • Validate workflow-driven applications and low/no-code systems for correctness, escalation rules, and data leakage prevention.
  • Build and maintain automated test suites using tools like Testim.io (or similar frameworks).
  • Identify gaps in access policies, privilege escalation risks, and workflow misconfigurations.
  • Document test cases, defects, and results clearly for both technical and business audiences.
  • Advocate for security development and testing practices within the engineering lifecycle.

Key Skills:

  • 4+ years of experience in QA engineering, with a focus on security testing.
  • Strong understanding of permission models, RBAC/ABAC, and access control testing.
  • Experience working with workflow automation, BPM, or low/no-code platforms (e.g., Appian, Salesforce, PowerApps).
  • Ability to collaborate with business teams, engineers, and security experts to translate requirements into effective tests.
  • Hands-on experience with test automation tools (preferred: Testim.io, Selenium, Cypress, Playwright).
  • Familiarity with CI/CD pipelines and integrating automated security/QA tests.
  • Strong problem-solving skills, attention to detail, and ability to work independently.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Role: QA Engineer Security & Access Control Testing
Location: Remote
Job Type: Long term Contract

Role Summary:

Client is seeking a QA Engineer with a strong background in security testing, specializing in permissions and access control validation. This role will focus on ensuring that our systems enforce correct user roles, access boundaries, and workflow rules across both low-code/no-code platforms and custom-built solutions. Additionally, this role will collaborate closely with business plans stakeholders, engineering teams, and information security to design, execute, and automate test plans that protect our applications from security and compliance risks.

Responsibilities

  • Develop, maintain, and execute test plans for access control, permissions, and workflow security.
  • Partner with Infosec, Product, and Engineering teams to define security testing requirements and acceptance criteria.
  • Perform manual and automated security testing of role-based access controls, authentication flows, and authorization rules.
  • Validate workflow-driven applications and low/no-code systems for correctness, escalation rules, and data leakage prevention.
  • Build and maintain automated test suites using tools like Testim.io (or similar frameworks).
  • Identify gaps in access policies, privilege escalation risks, and workflow misconfigurations.
  • Document test cases, defects, and results clearly for both technical and business audiences.
  • Advocate for security development and testing practices within the engineering lifecycle.

Qualifications:

  • 4+ years of experience in QA engineering, with a focus on security testing.
  • Strong understanding of permission models, RBAC/ABAC, and access control testing.
  • Experience working with workflow automation, BPM, or low/no-code platforms (e.g., Appian, Salesforce, PowerApps).
  • Ability to collaborate with business teams, engineers, and security experts to translate requirements into effective tests.
  • Hands-on experience with test automation tools (preferred: Testim.io, Selenium, Cypress, Playwright).
  • Familiarity with CI/CD pipelines and integrating automated security/QA tests.
  • Strong problem-solving skills, attention to detail, and ability to work independently.

Preferred Experience:

  • Knowledge of OWASP Top 10 security risks.
  • Exposure to compliance frameworks (SOC2, ISO27001, GDPR, etc.).
  • Programming or scripting background (JavaScript, Python, Java).

Thanks & Regards,
Shubham Kumar
Last Word Consulting Inc.
Direct: +1
Office: +1- Ext 418
Email:

Apply
Similar Jobs
Loading data...