Security Test Engineer

About Responsive

Responsive (formerly RFPIO) is the global leader in strategic response management software, transforming how organizations share and exchange critical information. The AI-powered Responsive Platform is purpose-built to manage responses at scale, empowering companies across the world to accelerate growth, mitigate risk and improve employee experiences. Nearly 2,000 customers have standardized on Responsive to respond to RFPs, RFIs, DDQs, ESGs, security questionnaires, ad hoc information requests and more. Learn more at responsive.io.

About The Role

Responsive is looking for a Senior Quality Engineer (Security) to ensure the security, reliability, and compliance of applications and infrastructure. You will design and execute security tests, identify vulnerabilities, and drive remediation strategies while collaborating with cross-functional teams in an Agile environment.

Essential Responsibilities

• Security Testing & Risk Assessment: Conduct penetration testing, vulnerability assessments, and threat modeling to identify security risks across applications, APIs, and infrastructure.
• Automation & Tooling: Develop and maintain security testing automation using tools like Burp Suite, ZAP or similar tools. Integrate security testing into CI/CD pipelines.
• Incident Response & Remediation: Collaborate with development, QE, and DevOps, teams to investigate security incidents, perform root cause analysis, and validate security fixes.
• Collaboration & Agile Practices: Work closely with engineering, product, and DevOps teams to embed security in the SDLC.
  
  

What We're Looking For

Education

• Bachelor’s degree in Computer Science, IT, or related field.
  
  

Experience

• 5-8 years of experience in security testing, penetration testing, and vulnerability assessment.
  
  

Knowledge Ability & Skills

• Strong experience in web, API, and cloud security testing.
• Proficiency in SAST/DAST tools and security frameworks like OWASP Top 10, CWE, and CVSS.
• Hands-on experience with Burp Suite, ZAP or similar tools.
• Familiarity with network security, authentication mechanisms (OAuth, JWT, SAML), and cryptographic protocols.
• Knowledge of DevSecOps practices and integrating security in CI/CD pipelines.
• Ability to analyze security logs, interpret alerts, and perform root cause analysis.
• Excellent communication skills to collaborate with cross-functional teams and present security findings.
  
  

Why Join Us?

• Impact-Driven Work: Build innovative solutions that redefine strategic response management.
• Collaborative Environment: Work with a passionate team of technologists, designers, and product leaders.
• Career Growth: Be part of a company that values learning and professional development.
• Competitive Benefits: We offer comprehensive compensation and benefits to support our employees.
• Trusted by Industry Leaders: Be part of a product that is trusted by world-leading organizations.
• Cutting-Edge Technology: Work on AI-driven solutions, cloud-native architectures, and large-scale data processing.
• Diverse and Inclusive Workplace: Collaborate with a global team that values different perspectives and ideas.