CrawlJobs Logo

Automated Security Testing Engineer

· Job Posted April 11, 2026
Apply Position
Job Link Share

Job Description

We are looking for an experienced Security Testing Engineer to join our cybersecurity team and help strengthen the security of modern digital systems. In this role, you will conduct security testing, identify vulnerabilities, and provide actionable recommendations to improve the security of web, mobile, and desktop applications.

Job Responsibility

  • Conduct penetration testing and vulnerability assessments for web, mobile, and desktop applications
  • Identify security vulnerabilities and provide clear remediation recommendations
  • Develop and maintain security testing strategies and methodologies
  • Prepare technical documentation and security reports for stakeholders
  • Collaborate with engineering and development teams to address security issues and improve system resilience

Requirements

  • 3–5 years of experience in security testing and penetration testing
  • Required Certification (one of the following): CREST Practitioner Security Analyst (CPSA), CREST Registered Penetration Tester (CRT), CREST Certified Tester (CCT), Offensive Security Certified Professional (OSCP)
  • Experience testing web, mobile, and desktop applications
  • Strong understanding of application security and common vulnerabilities (OWASP Top 10)
  • Ability to produce clear, structured security documentation and reports
  • Strong analytical and problem-solving skills
  • English skills should be sufficient for taking part in conversations on the technical aspects of projects

Nice to have

  • Experience in automating security testing processes (SAST, DAST, SCA) within CI/CD pipelines
  • Hands-on experience with scripting for automation (Python, Bash, PowerShell)
  • Experience integrating security tools into DevSecOps workflows
  • Ability to develop custom scripts/tools for vulnerability scanning and exploitation
  • Experience with test automation frameworks and orchestration tools (e.g., Jenkins, GitLab CI, GitHub Actions)
  • Experience leveraging AI/ML tools to enhance security testing and vulnerability detection
  • Familiarity with AI-assisted code analysis and pentesting tools (e.g., LLM-based assistants, AI fuzzing tools
  • Ability to use AI tools for automation of reporting, vulnerability triage, and threat analysis
  • Understanding of AI security risks (prompt injection, model abuse, LLM vulnerabilities) is a plus

What we offer

  • Projects for such clients as PayPal, Wargaming, Xerox, Philips, Adidas and Toyota
  • Competitive compensation that depends on your qualification and skills
  • Career development system with clear skill qualifications
  • Flexible working hours aligned to your schedule
  • Options to work remotely
  • Corporate medical insurance covering services of private and public medical centers
  • English courses online
  • Corporate parties and events for employees and their children
  • Internal conferences, workshops and meetups for learning and experience sharing
  • Gym membership compensation
  • 5 days of paid sick leave per year with no obligation to submit a sick-leave certificate

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Automated Security Testing Engineer

8 matching positions

Senior Security Engineer, Security Operations

The senior security engineer role provides a unique opportunity to shape the sec...
Location
Location
United States , REMOTE; SAN FRANCISCO; ROSEVILLE; LEHI; WEST PALM BEACH; IRVINE
Salary
Salary:
146000.00 - 170000.00 USD / Year
goodleap.com Logo
GoodLeap
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong communicator with the ability to lead technical architecture discussions, drive technical decisions, and effectively communicate with non-technical audiences
  • Expertise in security event management, monitoring, threat hunting, incident response, playbook creation, orchestration/automations
  • Experience with threat modeling methodologies
  • Expertise with EDR solutions/platforms, such as CrowdStrike, S1, Palo Alto Cortex EDR
  • Experience with AWS services, including KMS, SST, Container Registry, ELBs, Lambda, API Gateway, CloudTrail, and IAM (knowledge of GCP and/or Azure is a plus)
  • Proven ability to establish credibility and build trust with business, engineers, and operational staff
  • Experience designing, configuring, and implementing security and fraud monitoring for core enterprise systems, e.g., ERP, HCM, Salesforce
  • Experience working with and creating solutions based AI and ML toolsets – e.g., creation of AI skills, agents, MCP clients, vibe coding
  • Strong understanding of both human and non-human identity management and common enterprise and consumer authentication standards and use cases
  • Practical experience with CI/CD pipelines and DevOps tools, including Infrastructure-as-Code (IaC) tools like Terraform, Pulumi, or CDK
Job Responsibility
Job Responsibility
  • Lead, participate in, and contribute to security and fraud monitoring, detection, and response activities, inclusive of investigations, threat hunting,etc. Create playbooks for specific incident response scenarios
  • Identify potential misuse and abuse cases in enterprise systems, propose solutions to detect these scenarios, and identify and implement monitoring and detection solutions for such scenarios
  • Support or develop components of the security analytics platform
  • Support embedded (product) security team
  • Support general security operations team with vulnerability management, tools management, and more
What we offer
What we offer
  • bonus
  • equity
  • Fulltime
Read More
Arrow Right
New

Security Engineer, Product Security

Location
Location
Germany , Berlin
Salary
Salary:
Not provided
staffbase.com Logo
Staffbase
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Practical knowledge of security topics (e.g. penetration testing, secure software development, vulnerability management, SAST, DAST)
  • Programming knowledge, preferably one of the following: TypeScript, JavaScript, Kotlin, Java, Go, or Python
  • Practical knowledge of Unix basics and Kubernetes infrastructure, preferably managed via Terraform and Kustomize
  • Strong communication skills in English (German is a plus)
Job Responsibility
Job Responsibility
  • Take ownership of tasks that improve our security automation and strengthen our product security pipelines
  • Proactively explore the use of AI for vulnerability detection and remediation
  • Continuously learn and share knowledge about how vulnerabilities apply in our specific product context
  • Support the team by enhancing our services with software engineering solutions
  • Collaborate closely with stakeholders across the product department and gain broad exposure to how a growing SaaS company operates
  • Maintain our outbound e-mail security by regularly reviewing the related metrics
  • Maintain our Web Application Firewall ruleset
  • Maintain our central HTML sanitization service written in Typescript
What we offer
What we offer
  • Competitive Compensation - we offer attractive salary packages including LTIP (unit-based Long Term Incentive Plan)
  • Flexibility - we offer flexible working time models and the option of hybrid work, and support this with a yearly flex work allowance of €1560
  • Recharge - with 31 vacation days annually (incl. one floating holiday), plus pro rata fully paid Fridays off during August
  • Support - we’re offering a company pension scheme
  • Volunteers Day - you’ll get one day off per year for supporting a social project
Read More
Arrow Right

Application Security Engineer, AI Security

Notion is looking for security engineers that have a passion for securing comple...
Location
Location
United States , San Francisco
Salary
Salary:
230000.00 - 280000.00 USD / Year
notion.so Logo
Notion
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Security Architecture expertise: You have at least 6+ years of experience working with product teams to design and/or build secure software
  • Thoughtful problem-solving
  • Impact-driven approach to technology
  • Pragmatic and business-oriented
  • Empathetic communication
  • Startup mentality
  • You don’t need to be an AI expert, but you’re curious and willing to adopt AI tools to work smarter and deliver better results
Job Responsibility
Job Responsibility
  • Help define the security models for Notion’s products as they ship, giving guidance to engineering and product teams to ensure new features meet strict enterprise security requirements
  • Perform hands on testing and develop automated red teaming for AI and agentic features, especially focused on AI specific risks like prompt injection
  • Make the secure path the easy path for product teams by providing design guidance and finding architectural solutions that eliminate classes of vulnerabilities
  • Provide developers guidance and education on security and privacy best practices that prevent the authoring of vulnerabilities
  • leverage skills, MCP enabled tools, and hooks to help prevent vulnerabilities for developers using agentic coding tools
  • Participate in and drive mitigation strategies during AppSec related incident responses
What we offer
What we offer
  • Highly competitive cash compensation, equity, and benefits
  • Fulltime
Read More
Arrow Right

Senior Security Software Engineer - Security Operations

The Role GM’s Cybersecurity Team safeguards the company’s global information ass...
Location
Location
United States , Warren
Salary
Salary:
125200.00 - 158600.00 USD / Year
gm.com Logo
General Motors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years in software security engineering
  • advanced proficiency in modern programming languages
  • Expert in API development, microservices, event streaming, and idempotent integration patterns
  • Experience deploying software using any modern CI/CD pipeline and automated delivery practices
  • Hands-on with security tooling integrations (e.g., SIEM, EDR, SSPM)
  • Proven AI integration experience: LLM agents, embeddings, vector databases, RAG, prompt engineering
  • Cloud proficiency (Azure/AWS/GCP) and IaC (Terraform/Bicep/ARM/CloudFormation)
  • Data engineering fluency: ETL/ELT, schema design, normalization/enrichment
  • formats (JSON, YAML, syslog, STIX/TAXII)
  • Excellent cross-functional communication
Job Responsibility
Job Responsibility
  • Own architecture & delivery for complex integration services (APIs, microservices, event-driven workflows) with production SLIs/SLOs
  • Build AI-driven workflows (RAG, summarization, classification, agents) that augment investigations, triage, and orchestration
  • Create reusable connectors bridging SIEM/EDR/IAM/SSPM/ITDR/ITSM and cloud telemetry with robust error handling, retries, and DLQs
  • Implement security automation (SOAR-like playbooks) that enrich alerts and trigger deterministic + AI-assisted responses
  • Harden and observe services with CI/CD, automated testing, performance profiling, metrics, and incident runbooks
  • Mentor engineers and lead technical design reviews, coding standards, and reference implementations
  • Translate requirements into clear epics/roadmaps
  • align stakeholders and deliver on time with quality
What we offer
What we offer
  • medical
  • dental
  • vision
  • Health Savings Account
  • Flexible Spending Accounts
  • retirement savings plan
  • sickness and accident benefits
  • life insurance
  • paid vacation & holidays
  • incentive pay program based on company, job level, and individual performance
  • Fulltime
Read More
Arrow Right

Cross Technology Service Delivery Field Support Engineer (L2) - Security Engineer

The Cross Technology Service Delivery Security Support Engineer (L2) role at NTT...
Location
Location
Philippines , Makati
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 4 to 6 years of total experience
  • Minimum 2 to 3 years as a Network Security support resource
  • Degree or relevant qualification in IT/Computing (or demonstrated equivalent work experience)
  • Required certification: Check Point Certified Security Administrator (CCSA) or Check Point Certified Expert (CCSE) or Check Point Certified Cloud Specialist (CCCS) or Check Point Certified VSX Specialist or Check Point Certified Maestro Expert or Cisco Certified Network Associate - Enterprise or Cisco Certified Network Associate - Security or Cisco Certified Network Professional – Enterprise or Cisco Certified Network Professional – Security
  • Experience with troubleshooting and providing support in security/network/data center/systems/monitoring Services within a medium to large ICT organization
  • Working knowledge of management agents, redundancy concepts, and products within the supported technical domain (i.e. Security, Network, Data Center, Telephony, Exchange, Cloud, Backup, etc.)
  • Handled security products like Firewalls, Cloud Security and SASE (i.e Check Point NGFW, Check Point CloudGuard, Check Point Harmony, etc.)
Job Responsibility
Job Responsibility
  • Provide a managed service to clients to ensure their IT infrastructure and systems remain operational
  • Proactively monitor, identify, investigate, and resolve technical incidents and problems to restore service
  • Proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA)
  • Contribute to / support on project work as and when required
  • Monitor client infrastructure and solutions
  • Identify problems and errors prior to or when they occur
  • Routinely identify common incidents and opportunities for avoidance as well as general opportunities for incident reduction
  • Investigate first line incidents assigned and identify the root cause of incidents and problems
  • Fulfill approved requests following agreed procedures
  • Provide telephone or chat support to clients when required
What we offer
What we offer
  • Workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive
  • Part of a global company that is a $30+ billion business and technology services leader
  • Committed to accelerating client success and positively impacting society through responsible innovation
  • Global Top Employer with experts in more than 50 countries
  • Equal Opportunity Employer with a global culture that embraces diversity
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Application Security

We are hiring a Senior Application Security Engineer to join Turnkey's team and ...
Location
Location
Salary
Salary:
Not provided
turnkey.com Logo
Turnkey
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelors degree in Computer Science, Engineering, or a related field
  • 5+ years of experience in application or product security, ideally in fast-moving, high-impact or crypto-native environments
  • Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25)
  • Proficiency in programming and scripting languages (Typescript/Javascript, Go, Rust) and experience building secure systems from the code up
  • Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.)
  • Strong understanding of cloud, containerized, and runtime environments (AWS, GCP, Docker, Kubernetes), with the ability to embed security early in the SDLC
  • Excellent analytical, problem-solving, and communication skills, with a collaborative mindset for partnering across product and infrastructure teams
  • Curious, proactive, and passionate about building secure, reliable systems in a fast moving startup environment
  • A builder mentality
  • comfortable operating with ambiguity, tackling incomplete systems, and applying hands-on engineering experience to security challenges.
Job Responsibility
Job Responsibility
  • Partner with Product and Engineering at both the design and development stage to ensure that we implement new features securely, including (but not limited to): Participating in the implementation efforts
  • Doing security reviews
  • Helping with product design decisions
  • Auditing and surfacing vulnerabilities in our current products
  • Conducting threat modeling and security assessments for new features and systems, identifying risks early and shaping secure architectural decisions
  • Developing and improving our Automated Tooling: further enhancing our automated tooling to scale our product security capabilities and find potential code problems both before and after we deploy
  • Making the safe way, the easy way: work on defining and building application guardrails so that developers can build securely by default
  • Investigating and remediating security issues, including vulnerabilities and incidents, and drive long-term improvements to prevent recurrence
  • Embedding a culture of secure development across engineering, defining practices that influence how Turnkey builds, deploys, and maintains systems at scale.
What we offer
What we offer
  • Full benefits, including medical, dental, vision, life, disability, HSA/FSA, 401(k)
  • Paid parental leave
  • Unlimited PTO
  • $3,000/yr learning and development budget to attend industry conferences
  • Multiple team offsites per year
  • Macbook Pro laptop
  • Lunch stipend (for those physically in the New York City office)
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer, Product Security

At Mozilla, we believe the internet is a global public resource—open and accessi...
Location
Location
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of relevant hands-on experience in product and application security
  • 5+ years of experience and proficiency in secure coding practices, application security testing (SAST, DAST), threat modeling, and vulnerability assessment
  • Experience in one or more languages like Python, Go, Java, or JavaScript, required for automation and code review
  • Familiarity with security tools like Burp Suite, Nessus, and tools for CI/CD automation
  • Strong communication, collaboration, and problem-solving skills, with the ability to influence and guide cross-functional teams
Job Responsibility
Job Responsibility
  • Safeguard millions of users by embedding security into Firefox, Mozilla VPN, and other mission-critical products
  • Ensure software products are secure by embedding security into the full Software Development Life Cycle (SDLC)
  • Anticipate, prioritize and mitigate risks through proactive threat modeling, security assessments, security testing, and automation
  • Perform security code reviews
  • Lead penetration testing on web, mobile, and embedded applications, then guide remediation efforts
  • Develop and maintain automated security tests within CI/CD pipelines to catch vulnerabilities early
  • Partner with engineers to integrate security throughout the software development lifecycle—not as an afterthought, but as a core design principle. Provide security guidance, develop secure solutions, and facilitate secure releases
  • Help define and enforce security policies and provide security guidance to development teams
  • Help shape Mozilla's security culture through collaboration, guidance, and education
What we offer
What we offer
  • Generous performance-based bonus plans to all eligible employees - we share in our success as one team
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting (regardless of whether you contribute)
  • Quarterly all-company wellness days where everyone takes a pause together
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
Read More
Arrow Right