Title: Web/ React SDET
Location: SFO, CA (5 Days Onsite)
Skills: Security, Compliance, QS, RM
Job Description: We are seeking a Web/React SDET Security, Compliance, QS, RM resource with 8+ years of professional experience in technical software development (SDET) with a focus on web application quality (React), security standards, regulatory compliance, and risk management (RM). A Web/React SDET Security, Compliance, QS, RM professional acts as a specialized engineer, ensuring that React-based frontend systems and supporting services are secure, compliant, and thoroughly tested before deployment.
This role requires close collaboration with cross-functional teams, adherence to Engineering standards, Architecture patterns and Agile practices, and ownership of service quality and delivery.
Key Responsibilities:
- Automation Development: Design and maintain automation frameworks (e.g., Playwright, Selenium) using JavaScript/TypeScript, Java, or Python to test React-based web applications. Develop and execute automated security test plans using tools like Selenium or a custom framework to identify vulnerabilities (e.g., OWASP Top 10) within React components and APIs.
- Frontend Security Testing: Perform security testing, including OWASP top-ten prevention, cross-site scripting (XSS) prevention, and CSRF protection within React components.
- API Security & Validation: Validate backend APIs to ensure secure data handling and authentication.
- Regulatory Compliance: Ensure applications meet compliance standards (e.g., HIPAA, GDPR, ISO 27001, NIS2/DORA). Design and maintain automated "Quality Systems" that monitor software health, performance, and reliability throughout the development lifecycle
- Security Control Assessment: Evaluate and implement security controls, including managing security telemetry (SIEM, EDR) and patching identified vulnerabilities.
- Compliance Audits: Support internal and external audits, including technical documentation of security measures
Mandatory Technical Skills & Competencies:
- Languages: Strong proficiency in React.js, JavaScript, TypeScript, Python, Java.
- Automation Tools: Selenium, Cucumber BDD, RestAssured, or Playwright/Cypress.
- Frontend: Deep understanding of React.js, including hooks, state management, and component lifecycle to write effective unit and integration tests.
- Database: Excellent SQL skills for verifying financial data, according to this Build In job listing.
- Infrastructure: Experience with cloud services (GCP) and containerization
- Programming Expertise: Proficiency in languages like JavaScript/TypeScript, Java, Python, C#, Go, or Kotlin used in modern sports tech stacks.
- Automation Tooling: Experience with tools like Selenium, Playwright, Cypress, Appium (for mobile), and REST Assured (for APIs).
- Experience with static/dynamic application security testing (SAST/DAST) tools and vulnerability scanners
- Knowledge of monitoring tools such as Prometheus, Grafana, or ELK stack.
- Understanding of distributed tracing and logging.
- Cloud concepts like fundamentals, App Configuration / App Settings, Key Vault, Cache, Service Bus (queues/topics), Event driven architecture, Blob Storage, cloud security, scalability, and resiliency patterns
- Understanding of Microservice Development design, implementation, Middleware (Kafka), filters, exception handling, logging, Authentication and authorization (JWT/OAuth concepts), Performance optimization and secure coding practices
- Agile and Collaboration Tools: Sprint planning, work item tracking, and agile delivery, technical documentation and knowledge sharing.