Rishi Writes

Performance & Security Testing Engineer – Remote | Healthcare

  • Contract
  • Remote
  • Applications have closed

Empower Professionals

Remote Performance & Security Testing Engineer Contract for Healthcare Applications

Job Overview

We are seeking a Performance & Security Testing Engineer with extensive experience in performance testing, penetration testing, and healthcare application compliance. This remote contract role runs for 12+ months and focuses on ensuring healthcare applications are scalable, secure, and HIPAA/HITRUST-compliant.

The ideal candidate will bring strong expertise with testing tools such as JMeter, LoadRunner, Burp Suite, OWASP ZAP, Nessus, and Metasploit, along with a deep understanding of cloud platforms, APIs, and healthcare data protection requirements.


Key Responsibilities of a Performance & Security Testing Engineer

Performance Testing

  • Design, develop, and execute performance, load, stress, and scalability tests for healthcare applications.

  • Monitor system performance under peak load conditions to identify bottlenecks.

  • Track KPIs such as response time, throughput, concurrent user load, memory utilization, and CPU usage.

  • Create comprehensive test reports and collaborate with development, infrastructure, and DevOps teams.

Security & Penetration Testing

  • Conduct penetration tests, vulnerability assessments, and secure code reviews.

  • Identify OWASP Top 10 vulnerabilities, misconfigurations, and data exposure threats.

  • Perform SAST and DAST across web, mobile, and API layers.

  • Recommend and validate remediation steps to mitigate risks.

  • Ensure compliance with HIPAA, HITRUST, and healthcare security regulations.

Collaboration & Reporting

  • Integrate security and performance testing into CI/CD pipelines.

  • Document findings, prepare dashboards, and communicate results effectively.

  • Contribute to continuous improvement of frameworks, methodologies, and testing tools.


Required Skills & Qualifications

  • Bachelor’s degree in Computer Science, Information Security, or related field.

  • 5+ years of performance and security testing experience.

  • Hands-on expertise with performance testing tools: JMeter, LoadRunner, Gatling, BlazeMeter.

  • Skilled in penetration testing tools: Burp Suite, OWASP ZAP, Nessus, Metasploit, Kali Linux.

  • Strong understanding of web technologies, APIs, cloud (AWS/Azure), and databases.

  • Knowledge of healthcare compliance standards: HIPAA, HITRUST, PHI/PII.

  • Familiarity with DevSecOps practices and CI/CD integration.

  • Strong problem-solving and communication skills.


Preferred Qualifications

  • Experience with healthcare applications (payer, provider, claims, enrollment, EDI, HL7, FHIR, EMR/EHR).

  • Certifications: OSCP, CEH, CISSP, CISA, CPT, or HP LoadRunner.

  • Exposure to container, API, and cloud security with Docker or Kubernetes.


Work Model

  • Duration: 12+ Months Contract

  • Location: 100% Remote

  • Industry: Healthcare Applications


Why This Role?

This opportunity allows you to work on mission-critical healthcare applications, ensuring they remain secure, compliant, and performant under high transaction loads. You will collaborate with QA, DevSecOps, and development teams to create lasting impact in a regulated and evolving healthcare technology environment.


Ready to Apply?

If you are an experienced Performance & Security Testing Engineer ready to tackle healthcare security and compliance challenges, apply today.

👉 Check out other positions
👉 Let’s discuss your next career move


FAQs about the Performance & Security Testing Engineer Role

1. What does the role mainly involve?
It focuses on performance and security testing of healthcare applications.

2. Is this role remote?
Yes, the role is 100% remote.

3. What is the contract length?
The initial contract is 12+ months.

4. What industries will I work with?
You will primarily work with healthcare technology and applications.

5. Which performance testing tools are required?
JMeter, LoadRunner, Gatling, or BlazeMeter are commonly used.

6. What penetration testing tools are expected?
Burp Suite, OWASP ZAP, Nessus, Metasploit, and Kali Linux.

7. Do I need healthcare compliance knowledge?
Yes, HIPAA, HITRUST, and PHI/PII protection are required.

8. What type of KPIs should I measure?
Response time, throughput, concurrent users, memory, and CPU utilization.

9. Will I integrate testing into pipelines?
Yes, integration with CI/CD pipelines is part of the role.

10. Are secure code reviews required?
Yes, you will perform code reviews to ensure applications are protected.

11. What cloud platforms should I know?
AWS and Azure knowledge is essential.

12. Are certifications required?
Not mandatory, but certifications like OSCP, CEH, or CISSP are preferred.

13. What kind of collaboration is expected?
You will work with QA, DevSecOps, developers, and business teams.

14. Will I test APIs?
Yes, performance and security testing for APIs is included.

15. How can I apply?
Apply through the listing and explore more roles via the "Check out other positions" link.
