We are looking for a Principal AQA Engineer who will champion the highest quality, security, and performance standards throughout every phase of our software development lifecycle. The ideal candidate brings extensive experience in both manual and automated testing, emphasizing penetration and security testing to safeguard and enhance our FinTech solutions.
Requirements: * 8+ years in QA engineering, with a strong focus on test automation and application security testing; * Automation experience using Python, Bash, or JavaScript; * Experience working in FinTech or other highly regulated industries; * Hands-on experience with automation frameworks such as Playwright or Cypress (Selenium — a plus); * Proficiency in API testing using tools like Postman or REST Assured; * Solid experience with security testing tools such as Burp Suite, OWASP ZAP, and knowledge of common vulnerabilities (OWASP Top 10); * Familiarity with CI/CD processes and integrating automated tests into pipelines (e.g., Jenkins, GitLab CI); * Understanding of authentication & encryption mechanisms (e.g., JWT, OAuth2) and general data protection practices; * Comfortable collaborating with developers to address secure coding issues; * Strong problem-solving and analytical skills; * English level — Upper-Intermediate.
Will be plus: * Certifications in ethical hacking (CEH, OSCP, GPEN, or similar); * Familiarity with blockchain security and cryptographic implementations; * Exposure to compliance frameworks.
Responsibilities: * Develop and implement comprehensive testing strategies across the entire software development lifecycle; * Perform manual and automated testing to validate application functionality, performance, and security; * Conduct penetration testing and security vulnerability assessments to identify risks and weaknesses; * Ensure compliance with FinTech security standards and regulatory requirements; * Design and maintain test automation frameworks for backend services, APIs, web, and mobile applications; * Perform API testing (GraphQL, REST) using tools like Postman, Newman, or GraphQL Playground; * Validate AWS cloud infrastructure security and identify potential vulnerabilities; * Collaborate closely with development teams to ensure secure coding practices; * Monitor application performance, scalability, and reliability using testing tools and methodologies; * Establish CI/CD testing pipelines, integrating automated tests into the development workflow; * Perform load and stress testing to ensure the system can handle high transaction volumes; * Provide detailed test reports, document security risks, and recommend remediation strategies; * Conduct code reviews from a security perspective, ensuring best practices are followed; * Work closely with internal teams (developers, product managers, operations, security teams, and business stakeholders) to define system requirements and resolve issues; * Mentor junior QA engineers, fostering a quality and security-first development culture.
We offer: * Competitive compensation; * Social package (24 working days of annual leave, 5 paid sick days); * Flexible working hours; * Challenging projects in diverse business domains and a variety of tech stacks; * Personal development and professional growth opportunities; * Work with talented, ambitious and family-feel teams; * Educational possibilities: corporate courses, knowledge hubs, and in-house English classes; * Compensation for your professional certification & support for your learning activities; * Opportunity to choose IT equipment you like; * Corporate social responsibility.
