Senior Product Security Engineer, Pen Tester at Blackhawk Network | Hybrid Hired

About the role

Senior Penetration Tester leading security assessments to defend fintech platform against fraud. Focusing on automation and scalable defenses in a fast-paced environment.

Responsibilities

Lead penetration testing engagements focused on payment abuse, transaction manipulation, and business logic exploitation
Design and execute automated attack simulations to test our defenses against: Carding and BIN attacks, Credential stuffing and account takeovers, Checkout and payment flow abuse, API-level enumeration and fraud
Build custom tooling and frameworks to mimic the behavior of real-world fraudsters and cybercriminals
Partner with fraud engineering, product security, and risk teams to identify weak points in our controls, detection systems, and architecture
Conduct threat modeling and red teaming exercises related to payments, authentication, and user account abuse
Document findings in technical reports with clear risk impact, exploitability, and remediation guidance
Mentor junior testers and contribute to a culture of security innovation and continuous improvement

Requirements

7+ years of experience in offensive security, penetration testing, or red teaming
Strong background in payment systems, financial fraud tactics, and transaction-level attack surfaces
Fluency in scripting and automation (e.g., Python, JavaScript, Go, Bash) to simulate attacker workflows at scale
Familiarity with tools like Burp Suite Pro, Selenium, Scapy, ffuf, SQLMap, Metasploit, and bot automation frameworks
In-depth knowledge of fintech technologies (e.g., tokenized payments, card vaulting, 3DS, ACH, real-time payment APIs)
Solid grasp of common attacker techniques: carding, fake identity generation, bypassing rate limits, evading fraud filters, and abusing web/app logic
Strong communication skills for explaining findings to both technical and non-technical audiences
Certifications: OSCP, OSEP, GWAPT, GPEN, GCPN, GXPN, GX-PT, CPSA/CRSA by CREST, CHECK, or TIGER
Prior experience in a fintech, digital banking, or payment gateway environment
Familiarity with OWASP Automated Threats, PCI DSS, MITRE ATT&CK for Financial Services, or fraud detection systems
Experience building or testing real-time risk scoring engines and fraud defense pipelines

Benefits

401k with employer match
medical
dental
vision
12 paid holidays in the year 2025
1 hour of sick pay accrual for every 30 hours worked
parental leave
life insurance
disability insurance
accident and illness insurance
health and dependent care flexible spending accounts
wellness benefits
flexible time off for all full-time employees

Similar roles

Browse all Qa Engineer jobs

30 minutes ago

JU

QA Manual Tester – all genders

JustPlay

QA Manual Tester responsible for testing mobile games and backend services at Gimica. Collaborating with developers and teams to ensure game quality and stability.

Hybrid Role

Munich Germany Qa Engineer

1 hour ago

NE

Supplier Quality Engineer

NEO2

Quality Engineer involved in innovative industrial projects at NEO2 in Strasbourg. Focused on improving supplier quality and ensuring compliance with standards in an environmentally sustainable context.

Hybrid Role

Strasbourg France Qa Engineer

€45,000 per year

1 hour ago

GT

Analista de Pruebas Funcionales Semi Senior

GFT Technologies

Semi Senior Functional Testing Analyst supporting quality assurance for projects. Working remotely or hybrid from Medellin for a technology consulting firm.

Hybrid Role

Medellin Colombia Qa Engineer

2 hours ago

DO

QA Engineer – Freelance

DotWorld

QA Engineer at DotWorld ensuring quality in SaaS products through testing and automation. Collaborating with development teams to maintain application reliability and quality.

Hybrid Role

Switzerland Qa Engineer

7 hours ago

PW

Manual Software Tester

PwC

QA Engineer validating document automation applications for PwC document automation team in Prague. Key role in quality assurance and coordination with cross - functional teams to enhance output.

Hybrid Role

Prague Czechia Qa Engineer

8 hours ago

CP

Group Quality Assurance Manager

Crest Nicholson plc

Group Quality Assurance Manager ensuring quality assurance processes in construction projects across multiple locations. Train and support teams to achieve high standards in quality and compliance.

Hybrid Role

Addlestone United Kingdom Qa Engineer

11 hours ago

MA

Senior Quality Engineer

Matillion

Senior Quality Engineer ensuring quality throughout Matillion's development process for data integration. Driving focus on quality and mentoring team members in a collaborative environment.

Hybrid Role

Hyderabad India Qa Engineer

12 hours ago

PS

QA Team Lead – Automation

Public (Retail World SA)

Lead QA Automation initiatives and design automated frameworks for Public Group’s digital retail solutions. Collaborate with diverse teams to enhance testing processes and product quality.

Hybrid Role

Kifisia Greece Qa Engineer

12 hours ago

GS

Associate Director, Quality Assurance Compliance

Gilead Sciences

Associate Director of Quality Assurance Compliance managing inspection operations and regulatory compliance at Gilead. Collaborating with global teams to enhance inspection strategies and processes.

Hybrid Role

Foster City United States Qa Engineer

$182,070 - $235,620 per year

12 hours ago

VP

QA Engineer – Full Remote or Hybrid

Voyage Privé

QA Engineer implementing automated tests for Voyage Privé's innovative travel tech platform. Collaborating with cross - functional teams in a modern tech environment with Cucumber and Playwright.

Hybrid Role

Qatar Qa Engineer