Fortinet, founded over 20 years ago, has become a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we are looking a highly skilled and experienced SDET professional to join our FortiDevSec (Application Security) product team
What You Will Do:
- Create a Test Suite with Custom Test Cases - Develop custom code containing specific types of vulnerabilities across multiple programming languages (e.g., Java, C#, Python, JavaScript/Typescript, C/C++) to validate the efficiency of product in identifying vulnerabilities.
- Test Using Known Vulnerable Applications - Analyze whether the product can identify vulnerabilities known to exist in the intentionally vulnerable applications.
- Assess the Coverage of the product across Supported Languages and Frameworks.
- Perform Manual code review to identifying whether the flagged vulnerability truly poses a risk to the application.
- Familiarity with secure coding standards and frameworks like OWASP, NIST, or ISO 27001.
- Benchmark product against Industry Standards
- Evaluate product Scalability and Performance
- Validation of product integration across multiple IDEs and CI/CD tools (e.g., Jenkins, GitLab CI, Azure DevOps).
- Proficiency in using SAST tools (eg., Coverity, Checkmarx, SonarQube or similar).
- Develop or enhance rules in Semgrep framework (requires understanding on regular expressions, abstract syntax trees (ASTs), and programming language syntax), when necessary.
- Perform product validation when necessary to validate UI functionality, responsiveness, and compatibility across various browsers and devices.
- Collaborate with the development and product teams to understand project requirements and identify test scenarios.
- Design and execute test cases for functional, regression, and performance testing of web applications.
- Track and report product bugs in issue-tracking tools, and work with developers to resolve those.
- Communicate test results to identify risks, dependencies and escalate the same in a timely manner.
- Stay up-to-date with the latest testing methodologies, tools, and technologies to continuously improve the testing process
- Need to work on Containerization Technologies - Docker, Docker file and Docker compose.
Who We Are Looking for:
- Strong knowledge of programming languages (e.g., Java, C#, Python, JavaScript/Typescript, C/C++) and software development practices.
- Experience in software validation.
- Strongly contribute to Test Case/Test script writing.
- Proficiency in using SAST tools (eg., Coverity, Checkmarx, SonarQube or similar).
- Familiarity with secure coding standards and frameworks like OWASP, NIST, or ISO 27001.
- Exposure to development of Semgrep rules (requires understanding on regular expressions, abstract syntax trees (ASTs), and programming language syntax).
- Experience with CI/CD tools (e.g., Jenkins, GitLab CI, Azure DevOps).
- Knowledge on Containerization Technologies - Docker, Docker file and Docker compose.
- Communicate test results to identify risks, dependencies and escalate the same in a timely manner.
Soft Skills:
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration abilities.
- Attention to detail and a proactive approach to identifying and mitigating security risks.
Desired Skills:
- Knowledge/exposure on machine learning and AI is an added incentive.
- “Familiarity with phishing techniques and their impact on application security, including secure input validation and handling.”
Experience:
- 4-5 years of experience in application security, software development, or a related field.
- Prior experience with integrating security tools into the SDLC is a plus.
Working Conditions:
This position requires working from the office full-time; remote work is not available.
Company Culture:
At Fortinet, we foster a culture of innovation, collaboration, and continuous learning. We are committed to creating an inclusive environment where all employees feel valued and respected.
We encourage candidates from all backgrounds and identities to apply. We offer a competitive Total Rewards package to support you in managing your overall health and financial well-being, flexible work arrangements, and a supportive work environment. If you aspire to experience a challenging, enjoyable, and rewarding career journey, we invite you to consider joining us and bringing solutions that make meaningful and lasting impact to our 660,000+ customers around the globe.
