We are looking for a highly skilled Manual QA Analyst with a security mindset. In this role, you won't just run scripts; you will be the human gatekeeper validating critical security fixes. You will analyze the developer's code changes, understand the root cause of vulnerabilities (like SQL Injection or XSS), and execute precise manual tests to ensure the fix is solid across our Legacy and Modern applications.
Key Responsibilities
* Root Cause Analysis: Review security reports and analyze the vulnerable code to understand why the security gap exists before testing the fix.
* Manual Verification (White-Box Testing): Read and review the code changes (Code Diff) in Classic ASP, Perl, C#, or React to verify the logic of the remediation.
* Exploratory Security Testing: Design and execute manual test cases to try and bypass the fix, ensuring edge cases are covered.
* End-to-End Ownership: Manage the ticket from the moment the developer says "fixed" until you sign off, ensuring no regressions were introduced.
* Config Validation: Manually verify security settings in IIS and SQL Server (checking headers, permissions, etc.).
Required Qualifications
* 5+ years in QA: Strong background in manual testing methodologies, test plan creation, and regression testing.
* Code Literacy (Must Have): Ability to read and understand code logic in a hybrid stack: Classic ASP, Perl, ASP.NET (C#), and JavaScript/React. (You don't need to develop, but you must understand what you are reading).
* Security Knowledge: Familiarity with OWASP Top 10 vulnerabilities and how to manually test for them (e.g., input validation attacks).
* Database Skills: Ability to write SQL queries to validate data and verify SQL injection fixes.