QA Testing Specialist (Application Security)

Job Title: QA Testing Specialist (Application Security)

Location: Charlotte NC (Hybrid)

Type: Contract

Key Responsibilities:

• Design and execute test cases for functional & non-functional requirements
• Perform application security testing and validate vulnerabilities
• Identify log and track defects using Jira/Xray
• Debug issues using browser developer tools (JS/network analysis)
• Perform session manipulation/mocking and request/response validation
• Conduct API testing (Postman/REST tools)
• Collaborate within Agile Scrum teams (onsite/offshore)
• Analyze test results and provide actionable feedback
• Manage test data and contribute to continuous QA improvements

Required Skills

• 5 years in QA testing of Java/JSP-based web applications
• 5 years of Strong knowledge of SDLC STLC Agile Scrum
• 5 years of Hands-on experience in JavaScript/browser debugging (DevTools)
• 5 years of Experience with HTTP traffic analysis payload modification session/token handling
• Familiarity with Jira Xray or similar tools
• 5 years of Experience in API testing
• Understanding of OWASP Top 10 / web security fundamentals
• 5 years of Strong analytical problem-solving and communication skills
• Security Testing Experience (Preferred)
• XSS (Stored/Reflected) CSRF
• Session issues (fixation hijacking token exposure session mocking)
• Cookie security (HttpOnly Secure SameSite)
• IDOR / broken authorization
• Path traversal HTTP verb tampering
• Authentication/login flaws & sensitive data exposure
• Security headers (CSP) caching issues
• Vulnerable/outdated libraries (Axios jQuery )
• API security (including Open Banking / TPP)

Qualifications

• Bachelors degree in computer science / IT or related field
• Experience in banking/financial systems preferred
• Exposure to security tools (Burp Suite OWASP ZAP) is a plus
• Experience working with global Agile teams