Software Quality Assurance Engineer

About Cytix

Cytix is a continuous application security testing platform. We take change data from across the software development lifecycle, pull requests, code commits, tickets, and use it to intelligently determine when, where and how to test. By focusing exclusively on application changes, we catch high-risk vulnerabilities at the moment they're introduced, rather than months later in a scheduled pen test.

The role

We're hiring a QA Engineer to safeguard the quality of the Cytix platform as we scale. Functional QA is the heart of the role: you'll work closely with engineers and product to make sure new features and changes behave as intended before they reach customers. Alongside that, you'll review pull requests, contribute to our test suites, and help us keep the development experience sharp.

This is a hybrid position, with 2-4 days in our Manchester office each month.

What you'll do

• Own functional QA on new features and changes, from spec review through to release sign-off
• Review and validate pull requests, catching issues early and giving engineers clear, actionable feedback
• Write and maintain end-to-end tests in Playwright, smoke tests in Bun, and unit tests across the stack
• Identify coverage gaps and prioritise where additional testing investment will pay off
• Improve developer experience: test reliability, feedback loops, local tooling, and anything else slowing the team down
• Partner with engineers and product managers to define acceptance criteria and edge cases upfront

What we're looking for

• 2 to 5 years of QA engineering experience, ideally on a web platform
• Strong functional testing instincts and a sharp eye for edge cases
• Hands-on experience with Playwright (or a comparable end-to-end framework such as Cypress or WebDriverIO)
• Comfortable reading TypeScript and reviewing engineers' code
• Experience writing unit and integration tests in a JavaScript or TypeScript codebase
• Familiarity with at least some of our stack: Vue 3 (Composition API), Koa, AWS, Postgres
• Clear written communication; you can describe a bug, a risk, or a proposed improvement so the right action follows

Nice to have

• Experience with Bun (still early in the ecosystem, so we don't expect this)
• Background improving CI pipelines or local developer tooling
• Exposure to security testing, accessibility testing, or performance testing
• Interest in cybersecurity and the problems Cytix is solving