What does a successful Sr. Software Security Test Engineer -Device OS do at Fiserv?
Join the DeviceOS team at Clover and play a key role in securing our industry-leading Point of Sale devices! As a Senior Software Security Test Engineer, you’ll design and execute QA test plans for the Secure OS that powers Clover devices, ensuring top-tier security and reliability. If you thrive in a fast-paced, highly skilled team and have a passion for embedded security, we want to hear from you!
What you will do:
- Design and develop QA & Automation strategies for security features in Clover Point of Sale (POS) devices.
- Own the platform quality for one or more Clover hardware product lines.
- Understand the PCI-PTS and PCI-PIN specifications, and implement test cases to test against these standards.
- Troubleshoot and resolve complex cryptographic issues to ensure data security.
- Test and optimize symmetric and asymmetric crypto algorithms for embedded operating systems for power and performance.
- The Security Test Engineer will help us build the future of smart payment terminals & POS devices that power billions in transactions.
- Will work hands-on with PCI-PTS standards, embedded cryptography, & secure OS components to ensure our payment systems stay one step ahead of threats.
What you will need to have:
- Bachelor's Degree (preferably Computer Science or Engineering) or equivalent combination of experience, education and military.
- 5+ years of experience in software QA with hands-on experience in embedded security.
- Hands-on experience in embedded security, penetration testing, ethical hacking, or something similar.
- Proven ability to build test plans, define testing strategies, and identify high-risk areas.
- Solid grasp of security concepts such as cryptography, encryption, PKI, HSM, certificate management, and secure protocols like TLS and mTLS.
- Hands-on experience with UI Automator, Selenium, Cypress, or other UI automation frameworks.
- Proficiency in scripting languages like Python or shell scripting.
- Familiarity with CI/CD tools such as GitHub, Jira, and Jenkins.
What would be great to have:
- Experience with developing a certified/regulated product (PCI, medical, automobile, high assurance computing, etc.).
- Experience with black-box and automated testing on Android platforms (AOSP or equivalent).
- Ethical Hacking, Penetration Testing, and OWASP.
Important info about this role:
- We’re better together. This role is fully on-site.
- In order to be considered, you must be legally authorized to work in the U.S. without need for sponsorship now or in the future.
#LI-SH2
R-10355138
