QA of Web application Scanner

leonqin0101

Company Overview
Qualys, Inc., the leading provider of on demand vulnerability management and policy compliance solutions, helps organizations of all sizes discover vulnerabilities, ensure regulatory compliance and prioritize remediation according to business risk with no infrastructure to deploy or manage. QualysGuard, the company's flagship service, conducts automated security audits and provides the quickest route to neutralize worms and other emerging threats. Distributed scanning capabilities and unprecedented scalability make QualysGuard the ideal choice for both SMBs and large, distributed organizations.For more infomation about Qualys, please visit www.qualys.com.

Web Application Scanning QA

Location:               China beijing
Description:

    QualysGuard WAS automates techniques used to identify most web vulnerabilities and delivers a broad scope of coverage for testing web application vulnerabilities such as those in the OWASP Top 10 and WASC-TC, including "SQL injection", "cross-site scripting" and "web site misconfigurations". The WAS scanning engine combines pattern recognition and observed behaviors to accurately identify and verify vulnerabilities.

    Qualys is looking for a highly skilled individual to help test Qualys Web application scanner.  As a Web Application Scanner test Engineer, you will be responsible for the testing, accuracy, stability and performance of the new functionalities and features of WAS.  Here is your chance to work for a pre-IPO security company that is a leader in its space.  Qualifications listed below.


Responsibilities
- Build a reliable testbed in Beijing lab, install and configure different web servers(Apache,IIS,DOMINO,Tomcat, etc) and open source web applications(such as Wordpress,phpBB,MediaWiki,Joomla,MovableType,Drupal,Liferay, etc. )
- Design testing plan for each new function and feature of Qualys web application scanner.
- Implement functional, migration and regression tests using manual and automated scripts
- Work with engineering and support teams to investigate bugs raised by customers, reproduce and prioritize them

Qualifications
- BS/MS in Computer Science (or equivalent field experience) preferred.
- Proficient with WWW concepts, languages and protocols (HTML, XML, HTTP(s)...)
- Knowledge in web application vulnerabilities and attacks, such as XSS(Cross Site Scripting), SQL injection, CSRF(Cross-site request forgery)
- Knowlegde of different kind of web server and web application, including installing and configuration
- Experience with SQL querying
- Experience with command line scripting (shell,Perl, Python...)
- Excellent verbal and written skills, team player


现在有两个空缺，有意者请发简历到 lqin@qualys.com 或leonqin0101@gmail.com

leonqin0101

热招中......

leonqin0101

up......