Remote / Onsite
Principal Cyber Security Test Engineer - OneAdvanced
QA Engineer
Lead the integration of automated security analysis into CI/CD pipelines, championing a shift‑left security culture across .NET, Java, and Node.js stacks while ensuring compliance with NIST and ISO27001 frameworks.
About the role
Key Responsibilities
- Embed security controls into the SDLC for .NET, Java, and Node.js applications, ensuring early detection of vulnerabilities.
- Design, implement, and maintain automated SAST, SCA, and GitHub Actions workflows that run on every code commit.
- Lead threat‑modeling sessions with development teams to identify risk areas and recommend mitigations.
- Collaborate with DevOps to integrate security findings into CI/CD pipelines and enforce remediation policies.
- Audit and validate compliance with NIST and ISO27001 standards, producing actionable reports for stakeholders.
Requirements
- 10+ years of experience in application security, with deep knowledge of SAST, SCA, and CI/CD tooling.
- Proven track record of securing .NET, Java, and Node.js codebases in large enterprises.
- Strong understanding of threat modeling frameworks and security best practices.
- Experience with GitHub Actions, Azure DevOps, or equivalent CI/CD platforms.
- Excellent communication skills to translate technical findings into business‑friendly recommendations.