The Position 

We are seeking a highly skilled and forward-thinking Automation QA Engineer to join our OESIS Framework team. This role focuses on ensuring the quality, reliability, and integration of our OESIS across diverse environments through an automation-first and AI-driven testing approach. 

You will design intelligent test systems, validate OESIS behavior at system and integration levels, and leverage AI/ML techniques to enhance test effectiveness and efficiency. 

What you will be doing: 

Automation & OESIS Quality Engineering 

• Design, develop, and maintain scalable automated test frameworks for OESIS validation (preferably using Robot Framework and Python). 

• Drive an automation-first testing strategy for OESIS components and integrations. 

• Ensure high test coverage across: 

• Functional and regression testing 

• API and integration testing 

• System-level and compatibility testing 

• Analyze test results, identify defects, and work closely with developers to resolve issues. 

AI-First Testing Innovation 

• Apply AI/ML techniques to improve test coverage, defect detection, and test maintenance. 

• Explore and implement: 

• Intelligent test generation 

• Self-healing automation 

• Smart test selection and failure analysis 

• Continuously evaluate new AI-driven testing tools and approaches. 

Shift-Left & Agile Collaboration 

• Collaborate early with developers and product managers to improve testability and define quality criteria. 

• Contribute to test strategy, design reviews, and requirement analysis. 

• Actively participate in Agile/Scrum ceremonies and align testing with sprint goals. 

OESIS & Integration Testing 

• Validate OESIS functionality across different operating systems, environments, and third-party integrations. 

• Perform API testing (RESTful services) using tools like Postman or custom scripts. 

• Ensure OESIS reliability, backward compatibility, and ease of integration for customers. 

CI Integration & Continuous Testing 

• Integrate automated tests into CI pipelines (e.g., Jenkins, GitHub Actions). 

• Support continuous testing practices to ensure fast and reliable feedback cycles. 

Quality & Continuous Improvement 

• Investigate and reproduce customer-reported OESIS issues. 

• Continuously improve automation frameworks, test coverage, and QA processes. 

• Promote a quality-first mindset within the team. 

What We Need From You 

• Proven experience as a QA Automation Engineer (2 years minimum). 

• Strong experience building or maintaining automation frameworks (Robot Framework preferred, or similar tools) (2 years minimum). 

• Solid programming skills in Python (or Java/Groovy) (2 years minimum). 

• Strong understanding of software testing methodologies (functional, regression, exploratory). 

• Hands-on experience with API testing. 

• Experience with CI pipelines and version control (Git) (1 years minimum).. 

• Experience working in Agile/Scrum environments. 

• Strong analytical and problem-solving skills with attention to detail. 

• Good English communication skills is a plus. 

AI-Focused Skills (Highly Preferred) 

• Understanding of AI/ML concepts in software testing. 

• Experience applying AI tools to improve testing efficiency or coverage. 

• Interest in building AI-driven QA practices. 

It Would Be Nice If You Have 

• Experience testing SDKs, libraries, or system-level software. 

• Knowledge of cross-platform testing (Windows, Linux, macOS). 

• Experience with performance or reliability testing (e.g., JMeter). 

• Familiarity with debugging tools and logs for low-level/system issues. 

• Bachelor’s degree in Computer Science, Software Engineering, or related field. 

About the Role

The CTO Intelligence Hub is OPSWAT’s internal AI-powered data platform; dashboards and APIs that give leadership real-time visibility into AI adoption, financial performance, customer health, and sales. The platform runs on a fleet of Flask, FastAPI, and Streamlit applications backed by a Fabric → Parquet → S3 data pipeline, all tied together by an agentic coding system where GitHub Issues become production pull requests in under three minutes.

As AI Platform Architect, you own the application layer. You design and build new intelligence products, evolve existing dashboards, and work with the AI coding pipeline — writing the specs, reviewing the plans, and guiding the implementation. You are the “human senior engineer” in a team where your main coding collaborator is Claude.

What You Will Own

• Application architecture: Flask APIs, FastAPI microservices, Streamlit dashboards; schema and data-flow design across 12+ applications
• Agentic coding pipeline: creating well-scoped GitHub Issues, reviewing AI-generated implementation plans, approving or refining, merging PRs; the pipeline (claude-coder) takes issues from triage to production PR in ~3 minutes for routine work
• Data pipeline & analytics: extending the Fabric → Parquet → S3 pipeline; designing new analytics (percentile ranking, quadrant analysis, trend computation); HR enrichment and data quality
• Test-driven development: writing pytest spec suites that the AI implementer must satisfy; test files are the spec and cannot be modified by the AI
• Claude API / CLI integration: building features that call Claude for inference (content generation, analysis, RFP answering); working with OAuth-based CLI inference and direct API patterns
• UX & visualisation: Plotly dashboards, Jinja2 templates, React/Vite prototypes; maintaining the OPSWAT brand system across all apps
• Architecture documentation: keeping Confluence up to date as the system evolves; writing CLAUDE.md context files that teach the AI pipeline how each repo works
• New product design: identifying gaps in current intelligence coverage and proposing, scoping, and shipping new internal tools

You Will Be a Strong Fit If You Have

• 3–7 years of Python backend development (Flask, FastAPI, or equivalent)
• Strong data skills: pandas, SQL, Parquet, data modelling; you are comfortable designing a metrics pipeline from raw HR and usage data to ranked leader-board
• Experience working with LLM APIs (OpenAI, Anthropic, or equivalent) in production
• A test-first mindset: you write tests before code and believe the test suite is the specification
• Clear written communication because your primary “pairing partner” reads GitHub Issues, your ability to write precise, unambiguous requirements directly determines output quality
• Comfort reading and reviewing AI-generated code critically; you know when to approve, when to push back, and when to take the keyboard yourself
• Experience with REST API design and documentation

Nice to Have

• Streamlit or Plotly dashboard development
• React / TypeScript (for UX prototypes)
• Microsoft Fabric, Azure Data Warehouse, or similar cloud data platforms
• Familiarity with GitHub Actions and CI/CD pipeline design
• Experience building multi-language document processing (the RFP automation covers 14 languages)
• Prompt engineering and system-prompt design for agentic workflows
• OPSWAT product knowledge (MetaDefender, OESIS, CDR - not required but helpful)

The Position

• Join the infrastructure team behind MDaaS — a real-time malware scanning platform handling 30M+ requests/day, built on AWS, Kubernetes, and event streaming.

• You'll work in an agile scrum team, owning infrastructure-as-code, CI/CD pipelines, and observability. Security and compliance are first-class requirements, not afterthoughts.

What You Will be Doing

• Deploy and maintain workloads on EKS via ArgoCD — review GitOps PRs, handle sync failures, approve image updates

• Write and update Helm charts / Kustomize overlays across dev / staging / prod

• Triage alerts from Prometheus / Grafana / Coralogix — root cause analysis, resolve or escalate

• Review and apply Terraform changes — plan, validate, and merge infra PRs (EKS, MSK, ALB, IAM)

• Maintain CI/CD pipelines on Bitbucket Pipelines and GitHub Actions — fix broken builds, integrate security scans

• Configure and tune KEDA ScaledObjects for Kafka / RabbitMQ consumers

• Triage CVEs from Blackduck / Trivy reports — prioritize CVSS ≥ 7.0, coordinate patches with dev team

• Rotate secrets, verify External Secrets Operator sync, enforce no-hardcoded-credentials policy

• Document infrastructure and application changes for engineers and QA

• Participate in on-call rotation — incident response, post-mortems, runbook updates

• Research new tools and technologies to address current pain points and improve system reliability, scalability, and security — evaluate, prototype, and propose adoption when appropriate

What We Need From You

Education & Background

• BA/BS in Computer Science, Engineering, or equivalent hands-on experience

Soft Skills

• Strong verbal and written communication in English

• Self-motivated; works well in a fast-paced, collaborative team

• Eager to learn new tools and apply them quickly

• Passionate about solving problems in a principled, elegant way

• Comfortable both teaching and learning from teammates

Cloud & Infra

• AWS hands-on: EKS, ECR, IAM/IRSA, MSK, S3, ALB, VPC, Security Groups

• Terraform: write modules, manage remote state, integrate with CI

• Kubernetes: RBAC, ingress, network policies, HPA, resource tuning — cluster management via Rancher or K9s

• Helm + Ansible: author charts and playbooks, manage versioning

• Docker: multi-stage builds, image optimization

• Linux/Windows systems administration

CI/CD & GitOps

• Bitbucket Pipelines, GitHub Actions, or TeamCity — write and maintain, not just use

• ArgoCD: sync policy, health checks, rollback

• PR-based deployments; no direct commits to main/prod

Observability

• Prometheus, Grafana, CloudWatch, Elasticsearch — setup and maintain

• Structured logging, alert routing, dashboard authoring

Security

• Least privilege: IAM, IRSA, K8s RBAC — no wildcard permissions

• Secret management: External Secrets / AWS Secrets Manager, zero hardcoded credentials

• Supply chain: dependency scanning (Blackduck / Snyk / Trivy), CVE triage by CVSS score

• Network segmentation: private subnets, Security Groups, ingress/egress control

• Working knowledge of ISO/IEC 27001 and SOC 2 Type II — access control, audit trail, change management

• Familiar with CIS Benchmarks for Kubernetes and Linux hardening

Development

• Python and/or Go — scripting, tooling, automation

• Able to read Node.js/TypeScript code to debug service issues independently

AI & Tooling

• Actively uses AI coding tools (GitHub Copilot, Cursor, Claude) in daily workflow — writing scripts, Terraform modules, Helm templates, and debugging

• Knows how to prompt effectively, verify AI output, and not blindly trust generated infrastructure code

Nice-to-have

• Experience in the cybersecurity industry

• Knowledge of compliance frameworks: NIST CSF, HIPAA, GDPR — applied to real infrastructure

• Istio: mTLS, VirtualService/DestinationRule, traffic management

• KEDA advanced: custom metrics, scale-to-zero, cooldown tuning

• Kafka (MSK) operations: topic management, consumer lag, AKHQ

• Policy-as-code: OPA/Gatekeeper or Kyverno

• OWASP container and API security principles

• Coralogix / Datadog with OpenTelemetry — custom pipelines, alert routing

• Kubecost cost analysis, Kubeshark traffic capture

• Experience with large-scale systems: 30M+ requests/day

• Azure exposure (secondary to AWS)

• Has used AI to generate, review, or optimize infrastructure-as-code (Terraform, Helm, bash scripts) and understands its limitations: hallucinations, outdated API references, security blind spots

• Experimented with AI APIs (OpenAI, Anthropic) to build internal automation or tooling

About the Role

The CTO Intelligence Hub is OPSWAT’s internal data platform; a fleet of 20+ containerised applications running on AWS EC2 that deliver AI adoption analytics, financial intelligence, customer health scoring, sales leaderboards, and content generation to OPSWAT leadership and 590+ engineers worldwide. You will own the infrastructure layer that keeps this platform reliable, secure, and scalable.

This is a hands-on individual-contributor role. You will be the sole infrastructure owner on day one, working closely with the CTO and one AI Platform Architect to operationalise and evolve the system.

What You Will Own

• AWS infrastructure: EC2 instances (eu-north-1), S3 buckets, IAM roles, SSM-based remote access (no SSH), security group allowlists across 8 global offices
• Container orchestration: Docker Compose fleet of 20+ services with sequential startup chains, health monitoring, auto-rollback, and OOM prevention on memory-constrained instances
• CI/CD pipeline: GitHub Actions workflows (centralized deploy-app.yml), S3 artifact rotation, per-service smart change detection, post-deploy health checks
• Reverse proxy & SSO: nginx routing, Cloudflare SSL termination, OAuth2 Proxy backed by Azure AD for single sign-on across all internal apps
• Credential & secrets management: OAuth token lifecycle (token-proxy auto-refresh), GitHub org secrets, PAT rotation, SSM Parameter Store, per-app .env files
• Data pipeline operations: EC2 #3 (Fabric → Parquet → S3), daily cron jobs, MSAL token refresh, lockfile and resume logic
• Observability & incident response: health monitor (15-min cron), watchdog deep-checks, Telegram alerting, EC2 reboot recovery, Docker mount-corruption recovery
• Security posture: network-level access controls, credential hygiene, OPSEC between corporate and personal identities

You Will Be a Strong Fit If You Have

• 3–6 years hands-on AWS experience (EC2, S3, IAM, SSM — not just console clicks)
• Solid Docker and Docker Compose skills; you debug failed container starts at 2 am without fear
• GitHub Actions: writing and maintaining multi-job workflows with secrets, artifacts, and matrix builds
• Linux system administration (Ubuntu): cron, systemd, disk management, process investigation
• Python scripting for ops tasks (deployment scripts, health checks, API automation)
• nginx configuration: upstream proxying, path-based routing, SSL
• A security-first mindset: you default to least-privilege and always ask “what happens if this leaks?”

Nice to Have

• Experience with Cloudflare (proxying, SSL, DNS management)
• Azure AD or OAuth2 Proxy familiarity
• PostgreSQL administration
• Experience operating ML/AI inference workloads
• GitHub App development (JWT-based installation tokens)
• Familiarity with Microsoft Fabric or Azure data services

Your daily tasks: 

• Develop and maintain Frontend services for NAVER Services
• Implement Server-Side Rendering (SSR), CI/CD pipelines, and monitoring solutions
• Development of the SSR server for Naver’s search service
• Development of the Next.js server for Naver’s stock service

Your background:

• 5 years of experience with software development in JavaScript or TypeScript
• 3 years of experience with front-end frameworks, full-stack development, or Application Programming Interface (API) development 
• 3 years of experience testing, maintaining, or launching software products
• A deep understanding of HTML and CSS
• A deep understanding of bundling
• Experience and understanding of development in a containerized environment
• Knowledge of web browser mechanisms and rendering processes
• Experience with integration testing, debugging, or troubleshooting

It’s a big plus if you:

• Experience in building JavaScript application libraries and frameworks
• Experience developing accessible technologies
• Experience with infrastructures
• Experience in respecting and improving legacy code
• Experience working with Cloud Build, Cloud Deploy, and GitHub Actions
• Self-motivated, proactive, honest, and have a positive attitude towards teamwork