QA Engineer / DevSecOps Analyst (Supporting) Job id : 010CEdge Inc • Saint Louis, California, United States
QA Engineer / DevSecOps Analyst (Supporting) Job id : 010
CEdge Inc
- Saint Louis, California, United States
- Saint Louis, California, United States
Über
We provide multi-industry IT solutions across the US and India, including commercial enterprises and state and federal government. Collaborating with clients to determine their business needs, we combine years of knowledge & expertise to develop a strategy that drives results and promotes growth. Our team is dedicated to guiding your business to the forefront through an innovative suite of customized, IT solutions.
Job Description CEdge has an opportunity for a
QA Engineer / DevSecOps Analyst (Supporting) , located in
Saint Louis, MO (remote/on-site when required) . If you are ready to work alongside World Renowned Technology experts, and carry the skills below, this is the opportunity that will inevitably take your career to unbelievable levels!
Clearance Required:
None; MoDOT MACHS background check required.
POSITION SUMMARY
The QA Engineer / DevSecOps Analyst owns the quality and security pipeline for all TMS maintenance and programming deliverables. The contract imposes hard security scan obligations — 90-day mandatory scans, 10-business-day High-Threat remediation, static scan score maintained at 90 or above — that require a dedicated owner. This individual schedules and executes scans, triages results, coordinates remediation with developers, and ensures every SOW deliverable passes quality gates before staging for MoDOT acceptance. This position is not submitted as an Exhibit E biography but is critical to meeting the contract's measurable security SLAs.
KEY RESPONSIBILITIES
Schedule, execute, and report all required 90-day security code scans for critical and external-facing TMS web applications; maintain static scan score ≥ 90 at all times (§2.3.7)
Triage scan results: classify vulnerabilities by severity, assign ownership to developers, and track High-Threat remediation to closure within 10 business days (§2.3.7)
Operate and maintain the CI/CD pipeline in Azure DevOps: configure build triggers, automated test execution, and gate controls that enforce quality and security standards before merge
Develop and maintain automated test suites (unit, integration, regression) for the highest-risk TMS modules; expand coverage during SOW development
Execute SOW quality gates: confirm unit, integration, and system test completion; document results with pass/fail criteria; prepare staging packages for MoDOT acceptance
Participate in code review from a security and test-coverage perspective; flag testability or security concerns during architecture walkthroughs
Track and report security and quality metrics to the Technical Program Manager weekly; produce monthly scan compliance evidence for Program Manager review before invoicing
Ensure mirrored workstation environment at CEdge matches MoDOT's security scanning toolchain; coordinate tool updates within 30 days of MoDOT infrastructure change notifications
Support ADA/Section 508 accessibility testing for all new and modified web-application deliverables
REQUIRED QUALIFICATIONS
Minimum 3 years of software QA, test engineering, or application security experience
Hands‑on experience with static application security testing (SAST) tools (SonarQube, Veracode, Checkmarx, or equivalent)
Experience with CI/CD pipeline configuration in Azure DevOps, Jenkins, or equivalent
Experience writing and executing test plans, test cases, and regression suites for .NET web applications
Ability to classify and triage CVSS-scored vulnerabilities and communicate remediation priorities to developers
Ability to pass MoDOT background check
PREFERRED QUALIFICATIONS
Minimum 1 year of experience similar to MoDOT's technical architecture (.NET, Oracle, Azure DevOps)
Experience with OWASP Top 10 and secure coding practices in a .NET context
Comptia Security+, GIAC GWEB, or equivalent security credential
Experience with accessibility testing tools for Section 508 compliance (WAVE, axe, NVDA)
Missouri residency or St. Louis metro area location
Experience managing scan schedules against contractual cadence requirements
WHAT’S IN IT FOR YOU?
Full Benefits Package
10 Days PTO
10 Paid Holidays
401K
#J-18808-Ljbffr
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klick auf „Jetzt Bewerben”, um deine Bewerbung direkt auf deren Website einzureichen.