Business Analyst / QA Engineer / Application Security Tester
Worldwide
Business Analyst / QA Engineer / Application Security Tester Role Overview We are hiring a hybrid BA + QA + AppSec professional who can own the full lifecycle from requirement analysis through quality assurance and security validation. This role is critical to ensuring business requirements are correctly translated into robust, bug-free, and secure platform workflows. You will work closely with product, engineering, and operations to define, validate, test, and secure features across the platform. Key Responsibilities Business Analysis Gather and document requirements across product catalogue, cart and checkout flows, order lifecycle, and vendor/supplier modules Produce user stories with clear acceptance criteria, BRD/FRD documentation, and edge-case process flows Work with developers to clarify logic and ensure correct implementation Analyse business workflows and recommend optimisations Quality Assurance Design and execute test cases, test plans, and regression test suites Perform functional (UI), API, and integration testing across payments and logistics Validate pricing logic (discounts, taxes) and inventory consistency under varied scenarios Identify, log, and track bugs with clear severity and priority classification Develop and maintain automated test scripts using Selenium, Playwright, or Cypress Perform API testing using Postman or equivalent tools Use Jira for requirement tracking, bug reporting, and sprint coordination Collaborate in CI/CD pipelines for release validation Application Security Testing Perform black-box and grey-box penetration testing on the web application and REST APIs Identify OWASP Top 10 vulnerabilities — with particular focus on IDOR, broken object-level authorisation (BOLA), broken authentication, and injection flaws Simulate privilege escalation and cross-account data access across buyer, vendor, and admin roles Document findings with clear reproduction steps, severity ratings, and remediation guidance Retest post-fix to confirm vulnerabilities are fully resolved Advise the development team on secure coding patterns and preventive design Required Skills Strong understanding of B2B/ecommerce systems: cart, checkout, payments, and order management Experience writing user stories, acceptance criteria, and BRD/FRD documentation Hands-on manual testing of web applications and REST APIs Proficiency with Selenium for test automation and Postman for API testing Familiarity with OWASP WSTG methodology and tools such as Burp Suite or OWASP ZAP Understanding of JWT authentication, session management, and REST API security Basic knowledge of PostgreSQL or MongoDB for data validation Strong analytical thinking with an ability to identify edge cases and failure scenarios Clear and structured bug and security report writing — not just raw tool output Comfortable working across multi-role SaaS environments (buyers, vendors, admins) Good to Have CEH, OSCP, or eWPT security certification Experience with Playwright or Cypress automation frameworks Basic scripting in JavaScript or TypeScript for test automation Exposure to logistics, shipping, or B2B procurement systems Familiarity with GCC/UAE data compliance requirements
- More than 30 hrs/weekHourly
- 3-6 monthsDuration
- IntermediateExperience Level
$8.00
-
$10.00
Hourly- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:10 to 15
- Last viewed by client:yesterday
- Interviewing:1
- Invites sent:3
- Unanswered invites:2
About the client
- United Arab EmiratesDubai3:40 AM
- $66K total spent105 hires, 16 active
- 6,135 hours
- Retail & Consumer GoodsMid-sized company (10-99 people)
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by