Wärtsilä Energy Storage & Optimization (ES&O) is the leading global energy storage optimizer. Our mission is to deliver integrated energy solutions that build a resilient, intelligent, and flexible energy infrastructure - unlocking the way to an optimized renewable future. By integrating renewables, energy management technology, and storage with traditional energy resources, we reinvent clean energy production from the largest and most complex grids to the most remote and essential microgrids. We play a key role in Wärtsilä’s vision towards a 100% renewable energy future through flexibility, reliability, and integration and a more sustainable world for us all.

We are seeking a Senior Quality Assurance Security Test Engineer in Herndon, VA. The Senior QA Security Test Engineer will be responsible for ensuring the quality and security of software applications, primarily in a cloud environment. Responsibilities will include designing, executing, and automating security tests. Identifying vulnerabilities, collaborating with development teams to verify, document and fix security issues. Staying updated with the latest security standards and best practices, essentially acting as a bridge between development and stakeholders to guarantee robust application security across all functionalities.

Main Responsibilities

• Conduct comprehensive security testing, including penetration testing, vulnerability scanning, authentication/authorization checks, network security, service degradation, data encryption analysis, and web application security assessments.
• Create detailed security test plans and cases covering various attack vectors, threat models, and compliance requirements.
• Develop and maintain automated security testing frameworks to efficiently execute regression tests and identify security vulnerabilities in new features.  This can include existing tools that cover security testing needs or creating and maintaining in-house tools.
• Log and track security vulnerabilities discovered during testing, providing clear and concise reports to development teams for remediation.
• Work closely with software developer and product owners to understand security requirements, implement security fixes, and prioritize security issues.
• Stay updated on emerging security threats and trends to proactively identify potential vulnerabilities in applications.

Qualifications

• Deep understanding of security concepts like authentication, authorization, encryption, session management, cloud application security, network security.  Also, understanding of OIDC flow, hypervisors, networking, service degradation and different failure modes.
• Proficient in various security testing techniques including black-box, white-box, grey-box testing, fuzzing, and penetration testing.
• Experience with security-specific automation test tools and developing and maintaining custom automated testing frameworks.
• Expertise in using defect tracking tools to effectively manage security vulnerabilities.
• Excellent communication skills to clearly articulate security risks and collaborate effectively with cross-functional teams.
• Expertise in coding with Python and other scripting languages for developing test automations is strongly desired.
• Enthusiastic about conducting comprehensive security testing, identifying vulnerabilities, and proactively enhancing an organization’s overall security posture and capabilities.
• Familiarity with Continuous Integration/Continuous Deployment (CI/CD) tools and processes.
• Knowledge and experience with Linux, Docker, cloud technologies and common system maintenance tools.
• Solid understanding and practical experience with Agile/Scrum methodologies.
• Demonstrated ability to excel in a dynamic environment by effectively adapting to evolving priorities and requirements.
• Self-driven, highly motivated and can work with a high degree of autonomy and is able to prioritize effectively.
• Knowledge of Google Cloud Platform is a plus.

Last application date: 19/03/2025 

Why you and us:

You will be a part of a global organization with local presence and work in an exciting and dynamic working environment with highly motivated and skilled co-workers. We offer interesting and challenging work tasks, as well as personal and professional development in a great team. If you feel excited by being a part of this working environment and think your personal skills and qualities match the job requirements, we look forward to receiving your job application. At Wärtsilä we value, respect and embrace all our differences, and are committed to diversity, inclusion and equal employment opportunities; everyone can be their true self and succeed based on their job-relevant merits and abilities.

We are not accepting unsolicited submissions from 3rd party recruitment agencies. 

Successful applicant must be authorized to work in the USA without sponsorship. We look forward to hearing from you. Qualified candidates must apply online: https://www.wartsila.com/careers

Individuals hired for positions that require on-site customer interactions and/or in-person travel may be required to be fully vaccinated against COVID-19 or other country-specific vaccinations, unless otherwise prohibited by law. Wärtsilä North America values our employees. We offer a competitive salary and comprehensive benefits package. Wärtsilä North America is an EOE/AA employer.

Effective January 2025, Wartsila companies in the USA will implement a new hybrid work model. Most employees who live within 40 miles of an office will work 2 days per week in office. This model will provide our employees the flexibility of working from home, while also providing the benefits of in-person collaboration twice a week. We will be happy to provide more information during your interview process.

#esocareers

#wärtsiläenergy

#LI-BR1

#LI-Hybrid