Fortinet, founded over 20 years ago, has become a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we are looking a highly skilled and experienced Testing professional to join our dynamic team.
This position is for a FortiDAST product team in Fortinet. The product simplifies automated detection of critical vulnerabilities in websites/web applications including those defined by OWASP TOP 10. Using the product can help identify common vulnerabilities and misconfigurations.
What You Will Do:
To design, develop, execute and automate test cases to test the vulnerability assessment and penetration testing service on the web portal Write and execute detailed test plans for feature tests, negative tests, scale and stress tests Ability to build test/internal web applications Analyse test results and debug test failures Track defects from discovery through resolution Strong and effective inter-personal and communication skills and the ability to interact professionally with a diverse group of peers, customers and othersWho We Are Looking for:
We are looking for a QA engineer to develop and execute manual and automated tests with primary focus on penetrating testing of web applications to ensure product quality. You will be involved with testing new product features and take ownership of debugging and working with development team on taking issues to closure. As a team member, you will be self- motivated and work together with the team.
1-3 years of penetration testing of web/cloud applications In depth knowledge of web application attacks and defence strategies (SQL injection, XSS cross-site scripting, CSRF, logic flaws, etc) Strong knowledge of OWASP TOP 10 (both Web and API security) and the ability to effectively communicate methodologies and techniques Should be familiar with Vulnerability Assessment, Penetration Testing and Risk Assessment Good Understanding of all security related fundamentals, standards and compliances Should have a good understanding of application level attacks with hands on experience in discovering and exploiting issues with/without the assistance of tools Proficiency with understanding and writing modifying exploits Packet capture analysis and experience using tools including Burp, Nessus, Nmap, Metasploit, nipper and similar Excellent verbal and written communication skills. Experience in scripting, preferably python Experience on Linux environment and virtualization Excellent problem solving ability with experience in diagnosing complex system issues including strong debugging skills
Preferred Skills:
Knowledge of network protocols, network technologies Experience on relational/non-relational databases Recognised security testing certifications (OSCP, CEH)
Working Conditions:
This position requires working from the office full-time; remote work is not available.
Company Culture:
At Fortinet, we foster a culture of innovation, collaboration, and continuous learning. We are committed to creating an inclusive environment where all employees feel valued and respected.
We encourage candidates from all backgrounds and identities to apply. We offer a competitive Total Rewards package to support you in managing your overall health and financial well-being, flexible work arrangements, and a supportive work environment. If you aspire to experience a challenging, enjoyable, and rewarding career journey, we invite you to consider joining us and bringing solutions that make meaningful and lasting impact to our 660,000+ customers around the globe.