QA Analyst

QA Analyst

POSITION SUMMARY

The Secretary of the Supreme Court of Virginia is seeking to fill an open position for a Senior Quality Assurance Analyst within our Java Development team. In this role the candidate's primary focus will be web application security testing, by designing and performing manual and automated testing on applications to identify risks such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other common web security vulnerabilities.

In addition, the resource will be called upon to participate in manual testing and test automation, and be responsible for developing test plans, test cases, test scripts, and test execution. Operating in an agile software delivery methodology focused on testing new features within an iteration and providing near immediate feedback to through test automation.

KEY POSITION RESPONSIBILITIES/DUTIES

• Participate in the writing, designing, and executing test cases.

• Maximize test coverage for the most critical features of the system.

• Determine the priority for test scenarios and create execution plans to implement these scenarios.

• Expand upon the existing test case and plans.

• Log and document defects.

MINIMUM QUALIFICATIONS

• 8+ years of hands-on experience in software quality assurance.

• 4+ years of experience using test automation technologies.

• A bachelor's degree in computer science, Information Technology, or a related field.

• Extensive experience in software testing methodologies, test planning, and execution strategies.

• Comprehensive knowledge of the entire Software Development Life Cycle (SDLC)

• Knowledge of industry best practices in quality assurance.

• Experience in guiding and coaching junior and mid-level QA team members.

• Expertise in designing and optimizing performance tests.

• Ability to recommend and implement performance testing strategies.

• Proven experience with Selenium and JMeter.

• Experience with scripting and programming languages relevant to Selenium and JMeter (e.g., Java, Python).

• Capability to review and enhance code quality in automated scripts.

• Experience in creating strategic test plans aligned with overall project objectives and business goals.

• Ability to define and execute comprehensive testing strategies.

• Perform both automated and manual testing to identify vulnerabilities, security flaws, and weaknesses in Systems.

• Leverage OWASP tools like OWASP ZAP, OWASP Dependency-Check and others to conduct security assessments and vulnerability scans.

• Technical knowledge of threat modeling, code review, penetration testing, familiarity with security protocols, understanding of vulnerabilities, scripting languages like Python, Bash, Power Shell, etc. for automation, knowledge of web application security, and the ability to analyze logs and network traffic to identify potential security issues.

• Perform manual and automated testing on applications to identify risks such as SQL Injection, Cross Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other common web security vulnerabilities.

• Stay current with the latest web application security trends, OWASP vulnerabilities, and emerging attack techniques.

• Familiarity with industry trends and emerging technologies in QA.

• Strong collaboration skills to work closely with development, product management, and other cross functional teams.

• Expertise in managing complex test environments and ensuring their stability and reliability.

• Proficient in defining and tracking key performance indicators (KPIs) for testing processes.

• Ability to generate comprehensive test reports for management

ADDITIONAL PREFERRED QUALIFICATION

• 12+ years of hands-on experience in software quality assurance.

• 8+ years of experience using test automation technologies.

• A master's degree in computer science, Information Technology, or a related field.

• In-depth knowledge of industry best practices in quality assurance.

• Proficiency in penetration testing tools such as Burp Suite, Nessus, Metasploit, Kali Linux, Wireshark, and others.

• Strong knowledge of web application security (OWASP Top 10), network security, and cloud security

• Strong understanding of…