Compliance and InfoSec QA Engineer
San Francisco, New York, Remote
Applications have closed
As a QA Engineer, specializing in compliance and information security quality assurance, you will develop a new program to conduct regression testing and testing of new functionality that addresses compliance and infosec requirements. You will utilize existing quality assurance tools, and specify and maintain new tooling to create a library of test cases that ensure that mandated requirements are continuously being met. You will work closely with regulatory, compliance and security teams to ensure that new use cases are being addressed, and with engineering and QA teams to work within release schedules to complete testing as required.
Your work will enable the company to continue expanding into new areas of the consumer lending industry while ensuring that we keep highly sensitive financial information safe, and meet industry compliance requirements. You will contribute to the overall security of our product offerings, and ensure that our customers have confidence in the compliance areas that we cover in our product offerings.
This role can either be at Blend facilities in SF or NYC. Remote (US Only) is also possible for the right candidate, but not preferred.
How You'll Contribute:
- Build a compliance and security QA program, specifying processes, tools and methodologies
- Work with our QA, compliance and infosec teams to specify new tests and write the tests using automation tools
- Embed sanity checks within the application to enable better “run-time” quality assurance
- Ensure testing is run on a frequent basis and be able to generate reporting for management
- Work with engineering teams to resolve identified deficiencies
- Specify and/or write supporting tools to perform QA activities
- Contribute to our training and testing programs for engineering practices
Who You Are:
- Experience in a software quality assurance role
- Familiar with testing of web and mobile applications as well as cloud-based infrastructure
- Experience with quality assurance testing tools (APIs, mobile applications, web applications) and techniques
- Demonstrated ability to listen, learn, and ask thoughtful questions that help surface issues
- Basic programming skills in TypeScript or JavaScript
- Aptitude for working with cloud-based technology and tools (AWS, GitHub, etc.)
- Experience working with internal teams to resolve QA problems
Bonus Points!
- Understanding of cloud security policy and control frameworks (ISO 27001, SOC 2, PCI-DSS, NIST)
- Domain expertise in mortgage or consumer banking areas
- Experience within fintech or the financial services industry, and familiarity with GLBA requirements.
- Proficiency in other programming languages (we use Typescript, Golang, and Python)
- Working knowledge of Unix and Windows computing tools and data querying languages (Linux commands, SQL)
Bonus Points!
- Understanding of cloud security policy and control frameworks (ISO 27001, SOC 2, PCI-DSS, NIST)
- Domain expertise in mortgage or consumer banking areas
- Experience within fintech or the financial services industry, and familiarity with GLBA requirements.
- Proficiency in other programming languages (we use Typescript, Golang, and Python)
- Working knowledge of Unix and Windows computing tools and data querying languages (Linux commands, SQL)
Benefits and Perks:
- Meaningful equity and a 401(k) plan
- Comprehensive health benefits
- Wellness benefits covering a variety of wellness activities, fitness classes, fitness equipment and more
- Stipends for work from home setup, internet, and meals
- Company-wide mental health days
- Weekly remote all hands
- Flexible work schedule, with open vacation policy
- 16 weeks of paid parental leave
Tags: APIs Automation AWS Banking Cloud Compliance FinTech GitHub Golang ISO 27001 JavaScript Linux NIST Python SOC 2 SQL TypeScript UNIX Windows
Perks/benefits: Equity Flex hours Flex vacation Health care Home office stipend Parental leave Salary bonus Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs