Principal SDET, Cybersecurity Test Engineer

Job Title: Principal SDET, Cybersecurity Test Engineer
Location: Lakewood, CO
Type: Direct Hire
Job Summary:

System One is seeking a Principal SDET – Cybersecurity Test Engineer for a full-time/permanent opportunity in Lakewood, CO. As a Sr. Technical Leader, this role is responsible for developing and driving the cybersecurity testing strategy across the Software Quality Engineering organization while enabling the broader organization to consistently implement and execute a unified cybersecurity testing approach. A core focus of this role is embedding cybersecurity as a continuous, front-loaded component of the software development lifecycle to enable early identification and prevention of vulnerabilities and potential security risks, while maintaining compliance with medical device regulatory requirements.

The Principal SDET is responsible for evaluating, documenting, managing, and developing cybersecurity tests for software systems within the R&D organization. This individual ensures comprehensive coverage of cybersecurity requirements that are translated into actionable, testable, and verifiable outcomes across teams, enabling consistent execution of cybersecurity test strategies.

Responsibilities

• Define a standardized cybersecurity testing strategy for the Software Quality Engineering organization that aligns with product architecture, regulatory requirements, and business goals.
• Train and mentor engineers on cybersecurity testing practices, build training materials, and run knowledge transfer sessions so teams can execute independently.
• Build cybersecurity test plans that meet medical device regulatory standards.
• Run risk and vulnerability assessments on new and existing products and put security testing protocols in place to protect sensitive data.
• Oversee the design and execution of automated test scripts and frameworks across all levels of the test pyramid and apply design patterns suited to security testing.
• Lead dynamic application security testing (DAST) and advise the group on the feasibility, implementation, and maintenance of cybersecurity test automation.
• Work with architecture teams to set cybersecurity testing standards and shape software architecture and development practices so vulnerabilities surface earlier.
• Partner with development, cybersecurity, quality assurance, peer engineers, and architects to find vulnerabilities and embed security testing into the product lifecycle.
• Coordinate with external partners and consultants on joint security testing.
• Contribute to multiple codebases within Scrum teams, resolve environment and test automation issues, and review and approve code and test changes.
• Lead discussions about which test level is right for a given piece of functionality, and engage at any test level when the work requires it.
• Keep up with new cybersecurity threats, tools, and practices, and revise testing methods when needed.

Requirements

• Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent education and experience.
• Minimum 8 years experience in an SDET role, with at least 5 years experience in Cybersecurity Testing.
• Strong foundation in computer science fundamentals, including design patterns, data structures, object-oriented programming (OOP), and software design principles.
• Proficient in object-oriented and embedded software development using C#, C++, and Python.
• Deep expertise in cybersecurity principles, frameworks, and secure software development practices, particularly for medical devices.
• Skilled in identifying, assessing, and mitigating security vulnerabilities, including performing structured risk assessments.
• Extensive experience designing and implementing automated test frameworks and scripting solutions.
• Proficient in applying cybersecurity testing across all levels, including unit, integration, and system testing.
• Experience in integrating automated testing and security practices into CI/CD pipelines (DevSecOps).
• Hands-on experience with DAST and other security testing tools, methodologies, and techniques.
• Holds relevant cybersecurity and product security certifications (e.g., CISSP, CSSLP, OSCP).
• Familiar with modern development technologies, including Docker, REST APIs, JSON, and cloud platforms (Azure).
• Skilled in source code management, version control, and collaborative development workflows (e.g., Git-based environments).
• Proven ability to drive organizational change, align stakeholders, and lead adoption of engineering and security best practices.
• Strong technical leadership and cross-functional communication skills, with the ability to influence architecture, development, and quality strategies.
• Self-driven, adaptable, and committed to continuous learning, innovation, and process improvement.

System One, and its subsidiaries including Joulé and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.

#M-1
#LI-SG1