Principal Software Engineer (Java Platform)

Position Overview:

CloudBees, the industry leader in CI/CD (Continuous Integration and Delivery) and the driving force behind Jenkins, is actively seeking a seasoned Senior Security Testing Engineer to join our dynamic team. As a vital member of the Platform team, you will play a crucial role in ensuring the security and integrity of CloudBees’ products, specifically CloudBees Flow and CloudBees Core. These products are intricate, encompassing a wide array of technologies, from distributed systems and clustering to databases and complex scheduling.

Specialization: Kubernetes/Cloud Testing

Key Responsibilities:

1. Test CloudBees products, ensuring adherence to security requirements.
2. Quickly acquire proficiency in new software, enabling swift installation, setup, and configuration.
3. Conduct both automated and manual testing, encompassing various DevOps activities to support the QA process.
4. Manage and monitor security testing processes for CloudBees’ software.
5. Coordinate and manage vulnerability findings, collaborating with cross-functional teams to address and resolve issues.
6. Create, update, and maintain test scripts, reports, and other relevant documentation.
7. Collaborate closely with product management, support, and engineering teams to understand requirements, establish priorities, formulate test plans, and execute them effectively.
8. Work with customer support teams to debug and reproduce customer trouble tickets when necessary.

Job Skills and Experience:

• Excellent oral and written communication skills.
• Deep understanding of Software Testing Methodologies and concepts related to software release.
• 5+ years of experience with automation testing frameworks, proficient in writing automation tests using Groovy or Java.
• Experience with security scanning tools such as Anchore, JFrog XRay, OWASP ZAP scanner, or equivalent.
• Proficiency in Docker and related technologies, including container deployments, Kubernetes, and Helm.
• Familiarity with configuring and working with cloud providers (AWS, GCP).
• Experience with Linux command line interfaces.
• Ability to comprehend Third-Party Software setup and configuration through documentation and creating Docker containers for automation tests.
• Familiarity with HTTPS, REST, HTML, JSON, and similar web-based development technologies.
• Strong judgment, logical thinking, and attention to detail.
• Bachelor’s or Master’s degree in computer science or a related field is highly preferred.

Nice to Haves:

• Language proficiency in Perl and/or Python.
• Previous experience with security certifications such as Iron Bank.
• Experience with DefectDojo is a plus.
• Previous experience with Test Management/Reporting Tools.
• Familiarity with CI/CD processes and tools such as Jenkins, GitLab, TeamCity, or Bamboo.
• Previous experience with bash scripting and other command line interfaces on Linux, MacOS, and Windows.

Responsibilities:

• Contribute to a two-week Sprint, executing payloads in collaboration with developers.
• Work as an independent contributor within a team of developers and other test engineers.
• Collaborate with product management, support, and engineering teams to establish priorities.

Benefits:

• Highly competitive benefits and vacation package.
• Opportunity to work for one of the fastest-growing companies with some of the most talented individuals in the industry.
• Team outings.
• Fun, hardworking, and casual environment.
• Endless growth opportunities.