Senior / Staff QA Engineer

We're building critical PKI and digital identity infrastructure - where a bug isn't just inconvenient, it's a compliance violation or security incident. We need our first QA engineer to own quality strategy, testing, and automation across the entire project.

You'll define the QA strategy, build automation from scratch, and establish the quality standards for infrastructure that financial institutions and regulated services depend on. High ownership, high impact, genuine technical challenges.

If you've ever wanted to build a QA practice the right way - with proper tooling, security focus, and freedom to make real decisions - this is it.

What you'll own

Strategy & Implementation

• Define the testing strategy for a regulated infrastructure project
• Build test automation from scratch - framework selection, implementation, CI/CD integration
• Establish quality gates and standards that balance speed with the zero-tolerance requirements of critical infrastructure
• Design security and compliance testing approaches aligned with regulatory frameworks (ETSI, eIDAS, PSD2)

Hands-on technical work

• API testing at scale: REST APIs, service-to-service authentication, integration testing across distributed components
• Performance and load testing: systems that need high availability and fault tolerance
• Security testing: authentication flows, encryption handling, PKI operations, certificate lifecycle management
• Test automation in CI/CD: GitLab CI, containerized environments (Docker/Kubernetes)

Collaboration & analysis

• Work directly with infrastructure engineers to understand cryptographic operations, key management, and compliance requirements
• Translate regulatory requirements into test scenarios
• Document everything - test strategies, frameworks, compliance evidence, QA processes
• Drive quality culture in a team that takes their work seriously

What we're looking for

Deep QA experience:

• 7+ years in software testing, with proven track record in complex production systems
• Built test automation from scratch - framework design, implementation, adoption
• Experience in regulated, high-stakes environments (financial services, healthcare, security, critical infrastructure)
• Track record of defining and implementing QA strategies, not just executing someone else's plan

Technical depth:

• API testing expertise - REST, authentication flows, service integration, contract testing
• Performance and security testing experience - load testing, vulnerability assessment, secure coding validation
• CI/CD integration - writing and maintaining automated tests in pipelines (GitLab CI, GitHub Actions, Azure DevOps, etc.)
• Containerized environments - Docker, Kubernetes, testing in distributed deployments
• At least one scripting/programming language for test automation

QA mindset:

• Strong analytical skills - ability to break down complex technical and regulatory requirements into testable scenarios
• Understanding of when to automate vs. manual test vs. accept risk
• Security-conscious approach to testing
• Excellent communication - you'll work with engineers, PMs, and eventually auditors 

Strong advantages

Domain knowledge or interest:

• Understanding of PKI concepts: certificates, private keys, CRL, OCSP, cryptographic operations
• Familiarity with digital signatures (PAdES, XAdES, CAdES)
• Awareness of regulatory frameworks (ETSI, eIDAS, PSD2, SEPA)
• Knowledge of HSM integrations or secure key storage systems
• Secure application design

Advanced testing skills:

• Chaos engineering or resilience testing
• Compliance testing and audit preparation
• Test data management in regulated environments
• Performance monitoring and observability

What makes this team work

Serious about the work. We're an experienced team that respects the gravity of what we're building while keeping things collaborative and human.

• Compliance is handled: Dedicated PMs manage regulatory navigation and support the requirements management. Everyone collaborates and shares context.
• We've been here before: The team has shipped regulated, critical systems. You won't be explaining why testing matters or why shortcuts aren't acceptable.
• High trust, high accountability: We expect you to own your work, ask for help when needed, and deliver what you commit to. 

What we offer:

• Competitive salary with performance-based bonuses
• Private health insurance
• Flexible working hours and hybrid work model option
• Note: due to the project nature, we expect presence in our Belgrade office
• Exposure to advanced security, cryptography, and PKI systems
• Long-term, stable project with clear technical ownership