Position Overview:
CloudBees, the industry leader in CI/CD (Continuous Integration and Delivery) and the driving force behind Jenkins, is actively seeking a seasoned Senior Security Testing Engineer to join our dynamic team. As a vital member of the Platform team, you will play a crucial role in ensuring the security and integrity of CloudBees’ products, specifically CloudBees Flow and CloudBees Core. These products are intricate, encompassing a wide array of technologies, from distributed systems and clustering to databases and complex scheduling.
Specialization: Kubernetes/Cloud Testing
Key Responsibilities:
- Test CloudBees products, ensuring adherence to security requirements.
- Quickly acquire proficiency in new software, enabling swift installation, setup, and configuration.
- Conduct both automated and manual testing, encompassing various DevOps activities to support the QA process.
- Manage and monitor security testing processes for CloudBees’ software.
- Coordinate and manage vulnerability findings, collaborating with cross-functional teams to address and resolve issues.
- Create, update, and maintain test scripts, reports, and other relevant documentation.
- Collaborate closely with product management, support, and engineering teams to understand requirements, establish priorities, formulate test plans, and execute them effectively.
- Work with customer support teams to debug and reproduce customer trouble tickets when necessary.
Job Skills and Experience:
- Excellent oral and written communication skills.
- Deep understanding of Software Testing Methodologies and concepts related to software release.
- 5+ years of experience with automation testing frameworks, proficient in writing automation tests using Groovy or Java.
- Experience with security scanning tools such as Anchore, JFrog XRay, OWASP ZAP scanner, or equivalent.
- Proficiency in Docker and related technologies, including container deployments, Kubernetes, and Helm.
- Familiarity with configuring and working with cloud providers (AWS, GCP).
- Experience with Linux command line interfaces.
- Ability to comprehend Third-Party Software setup and configuration through documentation and creating Docker containers for automation tests.
- Familiarity with HTTPS, REST, HTML, JSON, and similar web-based development technologies.
- Strong judgment, logical thinking, and attention to detail.
- Bachelor’s or Master’s degree in computer science or a related field is highly preferred.
Nice to Haves:
- Language proficiency in Perl and/or Python.
- Previous experience with security certifications such as Iron Bank.
- Experience with DefectDojo is a plus.
- Previous experience with Test Management/Reporting Tools.
- Familiarity with CI/CD processes and tools such as Jenkins, GitLab, TeamCity, or Bamboo.
- Previous experience with bash scripting and other command line interfaces on Linux, MacOS, and Windows.
Responsibilities:
- Contribute to a two-week Sprint, executing payloads in collaboration with developers.
- Work as an independent contributor within a team of developers and other test engineers.
- Collaborate with product management, support, and engineering teams to establish priorities.
Benefits:
- Highly competitive benefits and vacation package.
- Opportunity to work for one of the fastest-growing companies with some of the most talented individuals in the industry.
- Team outings.
- Fun, hardworking, and casual environment.
- Endless growth opportunities.