Test Automation Engineer
Here is the list of requirement, Please go through it and let me know if you need any more details.
share me candidates resumes which matches.
Note: direct (STATE clients )
Test Automation Engineer
Client Name: : State of Utah
Location : Salt Lake City, UT
Max Pay Rate: $55 C2C
Note: Attached form please make sure your consultant fills it.
- Degree – Candidate must possess a bachelor’s degree from an accredited college in Computer Science, Information Technology, Business, but may substitute equivalent experience.
- Functional Experience – Candidates must have 3+ years of experience with testing automation.
- Interpersonal Relationships – Candidates must demonstrate the ability to work well with others of all personality types while demonstrating problem-solving and the ability to prioritize tasks.
- Communication – Candidates must demonstrate the ability to communicate in verbal and written form with both technical and non-technical personnel.
- Initiative – Candidates must demonstrate success as a self-starting, hardworking and inquisitive worker.
- Teamwork – Candidates must demonstrate the ability to work with cross-functional teams to deliver on a common goal.
- Agile/Scrum – Candidates must demonstrate experience in an agile product environment to include deep understanding and experience with agile methodologies.
- Certifications – Certified Ethical Hacker (CEH), ISTQB, CAST, etc.
- Development Experience – .NET, C#, CSS, Angular, Azure, etc.
- Domain Driven Design –Understanding and experience with Domain Driven Design
- Financial or Education Domain experience: Experience working in one or both domains.
- Penetration Testing, Security testing, experience with OWASP, etc.
What the USBE agrees to do:
1. The USBE PD Coordinator will direct all work of the vendor.
2. The USBE PD Coordinator will approve and sign weekly timesheets.
3. The USBE PD Coordinator will provide the vendor with an annual evaluation of the vendor’s effectiveness in implementing the contract’s scope of work.
Resources may have access to sensitive data, including student personally identifiable information (PII). Accordingly, resources must comply with applicable security measures, including possibly mandatory background and security checks. In addition to the terms of State of Utah Contract #IT2462, this engagement shall also be governed by the following terms and conditions regarding student data privacy.
1. GENERAL PROVISIONS:
a. USBE reserves all right, title, and interest, including all intellectual property and proprietary rights, in and to system data, Data, and all related data and content.
b. Contractor is hereby designated as an agent of USBE for the limited purpose of receiving PII to fulfill the purposes of this contract. Contractor may use the PII as provided herein but may not transfer or otherwise convey PII to any other person, persons or entities.
c. Contractor, as USBE’s agent, shall comply with all applicable laws and regulations including but not limited to FERPA, the Utah Family Education Rights and Privacy Act, Utah Code § 53E-9-2 (“UFERPA”), and the Individuals with Disabilities Educational Act, 30 U.S.C. §1400 et seq. and 34 C.F.R. Part 300 (“IDEA”).
d. Any terms that by their nature would survive the expiration of, completion, or termination of this Contract shall survive.
e. Contractor shall, upon written request, permit USBE or its designated representatives to perform an assessment, audit, examination, or review of all of Contractor’s sites and environments in order to confirm Contractor’s compliance with this Contract; associated Contractors or Scopes of Work; and applicable laws and regulations.
f. During the term of this Contract, if USBE requests the Destruction of PII collected, generated or inferred as a result of this Contract, Contractor shall Destroy the information within five (5) calendar days after the date of the request. Contractor shall provide USBE with written confirmation of the date the data was Destroyed.
g. USBE retains the right to use the established operational services to access and retrieve Data stored on Contractor’s infrastructure at its sole discretion.
h. The USIMS project is comprised of professionals working in an environment supported by multiple vendors that provide contractor personnel. As a standard of workplace conduct, it is inappropriate for contractors to discuss individual hourly rate or contract rate information in the workplace with anyone other than the USIMS Project Manager or USBE Information Technology Leadership.
2. ACCESS TO DATA:
a. Contractor shall limit access to Data to Authorized Persons only and shall require a non-disclosure agreement be signed by all Authorized Persons prior to being granted access to Data.
b. Contractor shall maintain past and current lists of all Authorized Persons, maintain each non-disclosure agreement, and shall permit inspection of the same by USBE upon request.
c. Contractor shall maintain an audit trail for the duration of this Contract, which reflects the granting and revoking of access privileges to Authorized Persons. A copy of this audit trail may be requested by USBE from Contractor at any time and shall be provided within 10 days of the USBE request.
d. Contractor shall have strong access controls in place. Contractor shall disable and/or immediately delete unused and terminated Authorized Persons’ accounts and shall periodically assess account inactivity for potential stale accounts.
e. Contractor shall provide annual, mandatory privacy and security awareness and training for all Authorized Persons, maintain past and current lists of Authorized Persons that have completed training, and permit inspection of the same by USBE upon request.
3. USE AND DISCLOSURE OF DATA:
a. Contractor shall not collect, use, or share Data beyond the purposes set forth as follows:
i. To carry out the Contractor’s responsibilities listed in this Statement of Work.
- Contractor shall share Data only for the purposes stated in Section 48.1 and only with the following entities:
i. Law enforcement agencies or individuals only as authorized by law or court order. Contractor receives such a request, Contractor shall notify USBE within two (2) business days of the receipt of the request, as permitted by law.
c. If Contractor seeks to publicly release Data, Contractor must aggregate the Data by totaling the Data and reporting it at the group, cohort, school, school district, region, or state level. Contractor shall, upon request of USBE, provide USBE with a document that lists the steps and methods the Contractor shall use to de-identify the information. Any aggregate data that is publicly released without being redacted using the methods in this section shall be considered an Incident. The following methods shall be used on any aggregated reports:
i. Aggregate data shall be reported publicly only if there is a sufficient number of individuals represented in any demographic or subgroup so that an individual cannot be identified.
ii. Aggregated reports shall be redacted using complementary suppression methods that remove the risk of Data being identifiable using simple mathematics or formulas.
iii. Aggregated reports shall be redacted to remove identifiability risks caused other prior releases of aggregate data by Contractor.
d. Contractor shall not use Data for the purposes of Targeted Advertising except under the following conditions:
i. For adaptive learning or customized student learning purposes.
ii. To market an educational application or product to a parent or legal guardian of a student if Contractor did not use Data, shared by or collected per this Contract, to market the educational application or product.
iii. To use a recommendation engine to recommend to a student (i) content that relates to learning or employment, within the third-party contractor’s internal application, if the recommendation is not motivated by payment or other consideration from another party; or (ii) services that relate to learning or employment, within the third-party contractor’s internal application, if the recommendation is not motivated by payment or other consideration from another party;
iv. To respond to a student request for information or feedback, if the content of the response is not motivated by payment or other consideration from another party.
v. To use Data to allow or improve operability and functionality of the third-party contractor’s internal application.
e. Contractor shall not sell or otherwise monetize Data except Data transferred through the purchase of, merger with, or otherwise acquisition of Contractors provided that all parties remain in compliance with this Contract.
4. SECURITY AND PROTECTION OF DATA:
a. Contractor shall notify USBE of material system changes that may negatively impact the security of Data prior to such changes being implemented.
b. If Contractor is given Data as part of this Contract, the protection of Data shall be an integral part of the business activities of Contractor to ensure that there is no inappropriate or unauthorized use of Data. Contractor shall safeguard the confidentiality, integrity, and availability of Data.
c. Contractor shall comply with and protect and maintain Data using methods that are at least as good as or better than that established in the State of Utah’s Department of Technology Policies (https://dts.utah.gov/policies).
d. Contractor shall only transmit or exchange Data via secure means (ex. HTTPS or FTPS). Contractor shall not use, store or process Data on any unencrypted portable or laptop computing device or any portable storage medium.
e. Contractor shall store and maintain all Data in data centers located in the United States.
f. Contractor shall permit its employees and Subcontractors to access Data remotely only via a secured manner, such as Virtual Private Networks (VPN).
g. Contractor shall store all Data, as well as any backups made of that data, in encrypted form using no less than 128-bit key and include all Data as part of a designated backup and recovery process.
h. Contractor shall enforce strong password protections on all devices and networks with access to or that store Data.
a. If Contractor becomes aware of an Incident involving Data by either Contractor or any of Contractor’s Subcontractors, Contractor shall notify USBE within one (1) calendar day and cooperate with USBE regarding recovery, remediation, and the necessity to involve law enforcement, if any.
b. Contractor shall produce a written remediation plan that includes information about the cause and extent of the Incident and the actions Contractor will take to remediate the Incident and to reduce the risk of incurring a similar type of Incident in the future. Contractor shall present its analysis and remediation plan to USBE within ten (10) calendar days of notifying USBE of an Incident. USBE reserves the right to adjust this plan, in its sole discretion. If Contractor cannot produce its analysis and plan within the allotted time, USBE, in its sole discretion, may perform such analysis and produce a remediation plan, and Contractor shall reimburse USBE for the reasonable costs thereof.
c. In the event of an Incident, Contractor shall provide USBE or its designated representatives with access seven (7) days a week, twenty-four (24) hours a day, for the purpose of evaluating, mitigating, or resolving the Incident.
d. Unless Contractor can establish that Contractor or any of its Subcontractors is not the cause or source of the Incident, Contractor shall be responsible for the cost of notifying each person whose personal information may have been compromised by the Incident.
e. Disclosure of Data by Contractor or any Subcontractor for any reason may be cause for legal action by third parties against Contractor, the State, or their respective agents. Contractor shall indemnify, save, and hold harmless the State, its employees, and agents against any and all claims, damages, liability, and court awards including costs, expenses, and attorney fees incurred as a result of any act or omission by Contractor, or its employees, agents, Subcontractors, or assignees pursuant to this Contract. Notwithstanding any other provision of this Contract, Contractor shall be liable to the State for all direct, consequential and incidental damages arising from an Incident caused by Contractor or its Subcontractors.