Contributing to a thriving and sustainable world by developing science-led solutions to built environment challenges
QA Engineer
Location
United Kingdom
Posted
1 day ago
Salary
£40K - £45K / year
Seniority
Senior
Job Description
QA Engineer
BRE
• Design, maintain, and execute manual and automated tests across a range of applications. • Create clear, structured, and maintainable test cases aligned to requirements, user stories, and acceptance criteria. • Conduct functional, regression, integration, API, exploratory, accessibility, and cross-browser testing. • Identify, document, prioritise, and retest defects, ensuring issues are communicated clearly and efficiently. • Collaborate with development and product teams to embed quality throughout the Agile delivery process. • Support risk-based testing approaches, focusing effort where it delivers the greatest value. • Contribute to improving test coverage, automation capabilities, and overall software delivery practices. • Help raise awareness of quality best practice and encourage shared ownership of quality across teams.
Job Requirements
- Experience working in a Software Quality Assurance or QA Engineer role.
- Hands-on experience with both manual and automated testing.
- Experience using test management and delivery tools such as Jira or Azure DevOps.
- Ability to interpret requirements, user stories, acceptance criteria, designs, and technical documentation to define effective test coverage.
- Experience creating and maintaining detailed test cases, including traceability and supporting evidence.
- Strong API testing experience, including validation of requests, responses, authentication, authorisation, status codes, and error handling.
- Experience working within Agile delivery teams and sprint-based development environments.
- Excellent attention to detail and a commitment to delivering high-quality outcomes.
- Strong communication and stakeholder collaboration skills.
- Knowledge of Java, C#, or JavaScript for supporting test automation activities (desirable).
- Experience contributing to automated regression test suites (desirable).
- Experience with automation tools such as Selenium or Playwright (desirable).
- Knowledge of security testing practices (desirable).
Benefits
- Pension scheme – 5% employer-matched contribution
- Life assurance – 4x your basic salary
- Enhanced maternity package
- HealthPartners cashback scheme – Reclaim costs on prescriptions, physiotherapy, dental care, and more
- Onsite facilities – Restaurant, nursery, and free parking, including at-cost EV charging points
- Free access to BRE Academy and our online learning platform
- Professional membership reimbursement
Related Guides
Related Categories
Related Job Pages
More QA Engineer Jobs
App Tester
RecruitGoFind top talent in emerging markets and hire them hassle-free with RecruitGo's EOR services.
• Testing app functionality (e.g., receiving or sending money, checking transaction history etc.) using your device. • Use your own mobile device (Android or iPhone) for testing.
Application Tester, Part Time
RecruitGoFind top talent in emerging markets and hire them hassle-free with RecruitGo's EOR services.
• Execute application test cases according to project guidelines. • Validate user workflows and application functionality. • Participate in scheduled Zoom meetings with the project team. • Document testing results and report any issues identified. • Collaborate with team members to ensure project objectives are completed on time.
English to Vietnamese LQA Games Tester
TransPerfectTransPerfect, founded in 1992 by seasoned translation industry professionals Liz Elting and Phil Shaw, is one of the world's leading providers of technology-ena
• Identify, isolate, document and fix any localization / linguistic issues and verify fixes by using test tools or databases. • Follow and complete Test Cases / Checklists to perform targeted testing and execute relevant testing processes and procedures. • Write bug descriptions based on company standards and client specifications. • Apply knowledge of user preferences in Target Market to influence the client’s product. • Proactively look for gaps in test coverage. • Collaborate with partner teams in testing the product. • Offer constructive feedback on gameplay, fun factor, and game balance based on knowledge of target market. • Complete all other tasks that are deemed appropriate for the role.
ICAM Pen Tester
Koniag Government Services, LLCKoniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies.
Role Description Koniag IT Systems, LLC, a Koniag Government Services company, is seeking an experienced ICAM Penetration Tester to join a team supporting Identity, Credential, and Access Management (ICAM) solutions for our government customers. The ideal candidate is a highly skilled and technically proficient security professional with deep expertise in penetration testing methodologies and a strong understanding of identity and access management architectures, protocols, and technologies in a federal environment. This individual will play a critical role in proactively identifying and assessing vulnerabilities within ICAM systems and infrastructure, helping to strengthen the overall security posture of mission-critical identity and access management programs. The ICAM Penetration Tester will be responsible for planning, executing, and reporting on penetration tests and security assessments targeting ICAM systems, infrastructure, and related integrations in a federal government environment. This individual will work closely with ICAM engineers, information system security managers (ISSMs), security teams, and government stakeholders to identify vulnerabilities, assess risk, and provide actionable remediation recommendations that strengthen the security of identity and access management solutions. - Plan, scope, and execute penetration tests and security assessments against ICAM systems, platforms, and integrations, including identity providers, access management solutions, directory services, and federation components. - Conduct targeted security assessments of ICAM-specific attack surfaces, including authentication mechanisms, authorization controls, identity federation protocols, single sign-on implementations, multi-factor authentication configurations, and privileged access management systems. - Perform adversarial simulations and red team exercises focused on identity-based attack techniques, including credential theft, privilege escalation, lateral movement, token manipulation, session hijacking, and identity spoofing. - Assess the security of ICAM protocols and standards implementations, including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, and Kerberos, identifying misconfigurations and exploitable weaknesses. - Conduct vulnerability assessments and security reviews of ICAM platform configurations, including Okta, SailPoint, Active Directory, and related identity infrastructure components. - Perform web application penetration testing against ICAM portals, administrative consoles, APIs, and self-service interfaces. - Conduct API security testing against ICAM REST and SCIM APIs, identifying vulnerabilities such as broken object level authorization, excessive data exposure, and injection flaws. - Simulate social engineering and phishing attacks targeting identity credentials and authentication mechanisms to assess human and technical control effectiveness. - Document and communicate penetration test findings in clear, detailed reports tailored to both technical and executive audiences, including vulnerability descriptions, risk ratings, evidence, and actionable remediation recommendations. - Collaborate with ICAM engineers, administrators, and ISSMs to validate and prioritize remediation efforts and re-test vulnerabilities following remediation activities. - Support the development and maintenance of penetration testing methodologies, playbooks, and procedures specific to ICAM environments. - Contribute to threat modeling activities, identifying potential attack vectors and adversarial techniques relevant to ICAM architectures and federal identity management programs. - Stay current with the latest identity-related vulnerabilities, attack techniques, threat actor tactics, techniques, and procedures (TTPs), and emerging security research relevant to ICAM. - Support ATO processes by contributing findings and security assessment results to security documentation, including Security Assessment Reports (SARs) and Plans of Action and Milestones (POA&Ms). - Provide technical guidance and recommendations on ICAM security hardening, secure configuration baselines, and identity security best practices. - Participate in purple team exercises, collaborating with defensive security teams to improve detection and response capabilities for identity-based attacks. Qualifications - Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field from an accredited college or university; equivalent work experience may be considered in lieu of a degree. - 4+ years of hands-on experience conducting penetration tests and security assessments in an enterprise or federal government IT environment. - 2+ years of experience performing security assessments specifically targeting identity and access management systems, protocols, or infrastructure. - Active Secret Clearance required. Requirements - Exceptional communication skills in English – both written and oral – with the ability to clearly communicate complex technical vulnerabilities and risks to both technical and non-technical audiences, including senior leadership and government stakeholders. - Demonstrated hands-on experience planning and executing penetration tests using industry-standard methodologies, including PTES (Penetration Testing Execution Standard), OWASP Testing Guide, and MITRE ATT&CK framework. - Deep understanding of identity and access management attack techniques and adversarial tactics, including credential harvesting, pass-the-hash, pass-the-ticket, Kerberoasting, golden ticket attacks, token forgery, OAuth abuse, and SAML injection. - Strong knowledge of ICAM protocols and their associated vulnerabilities, including SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), LDAP, Kerberos, and SCIM. - Experience conducting web application penetration testing, including testing of authentication and authorization mechanisms, session management, and API security. - Proficiency with penetration testing tools and frameworks, including Metasploit, Burp Suite, Cobalt Strike, BloodHound, Impacket, Mimikatz, or equivalent toolsets. - Experience assessing Active Directory environments for identity-related vulnerabilities, misconfigurations, and attack paths. - Familiarity with Okta, SailPoint, or similar ICAM platforms and the ability to assess their configurations for security weaknesses. - Experience developing detailed, high-quality penetration test reports with clear vulnerability descriptions, risk ratings, evidence, and remediation recommendations. - Knowledge of common vulnerability scoring systems, including CVSS, and the ability to accurately assess and communicate risk severity. - Strong understanding of network protocols, operating systems, and cloud environments and their intersection with identity security. - Familiarity with NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment) and other federal security assessment standards. - Ability to work collaboratively with defensive security teams, ICAM engineers, and government stakeholders in a responsible and professional manner. Benefits - Competitive compensation. - Extraordinary benefits package including health, dental and vision insurance. - 401K with company matching. - Flexible spending accounts. - Paid holidays. - Three weeks paid time off. - And more.


