The Role
The Senior SDET will own test strategy, quality architecture, and the automated regression infrastructure for Securly's onboard filtering project — building the test systems that ensure a safety-critical Chrome extension works correctly for millions of students and keeps working through every browser update and policy change.
The onboard filtering project is a high-risk architecture change to a widely-deployed extension. A regression in allow/block decision logic, cache invalidation, or bypass prevention could expose students to inappropriate content or disrupt school operations. The test infrastructure you build is the last line of defense before production.
At L5, this is an engineering leadership role, not a QA role. You will define what 'production-ready' means for a safety-critical student product, enforce that standard through CI/CD quality gates, and contribute to extension development directly.
Level: L5
Experience: 8–15 Years
Location: Pune, India
Work Type: Hybrid (2 days onsite)
Reports To: Filter Engineering Manager
What It Means to Be L5 at Securly
L5 at Securly is a Staff Engineer. You are the technical owner, not just an implementer.
- Drive technical direction for your initiative end-to-end: from architecture to production, with minimal oversight from your engineering manager.
- Identify and resolve ambiguity in requirements, system boundaries, and design tradeoffs without waiting for a fully-formed spec.
- Mentor L3/L4 engineers on the team: code reviews, design feedback, pairing, and raising the bar for what production-quality work looks like.
- Partner with your L6 technical lead and the Distinguished Engineer on architectural decisions, surfacing tradeoffs clearly rather than deferring them upward.
- Contribute to cross-team engineering standards: you are expected to influence practices beyond your immediate squad.
- Translate technical context into clear written artifacts that non-engineers (PM, Support, Leadership) can act on.
- Participate in on-call rotation and own the full incident lifecycle for your system: detection, diagnosis, resolution, and retrospective.
What You'll Do
- Define what 'passing' means for the onboard filtering project: establish written quality criteria covering correctness, security, and performance that gate production releases.
- Design and implement automated test suites covering block/allow decisions, iframe handling, cache invalidation, TTL expiry, fallback behavior, and filtering decision engine edge cases.
- Build CI/CD quality gates that prevent regressions from reaching production; own the pipeline configuration and ensure the quality bar is enforced, not advisory.
- Model bypass threats systematically: document how students exploit timing windows, iframes, DOM manipulation, redirect chains, and DNS TTL behavior — then build automated tests that catch those bypasses.
- Measure and establish written performance baselines: page load latency impact, service worker memory usage, cache sync overhead across realistic Chromebook hardware profiles.
- Contribute to Chrome extension development work in TypeScript/JavaScript alongside test responsibilities.
- Serve as the team's expert on bypass threat modeling: your analysis of how students circumvent filtering is an input to the implementation team's architecture decisions.
- Mentor engineers on test architecture as a first-class discipline.
Skills & Requirements
Must-Have
- Chrome Extension development (MV3) — same production bar as the Implementation engineer. Must develop, debug, and test Chrome extensions at production quality.
- TypeScript & JavaScript mastery — expert-level for both implementation work and building robust automated test suites.
- Test automation (SDET-level) — Puppeteer, Playwright, or Selenium with extension loading. Must automate filtering behavior tests covering block/allow decisions, cache state machines, and bypass scenarios.
- CI/CD quality gates — integrating test suites into pipelines; defining and enforcing regression gates. L5 means you own the definition of the bar.
- Browser security model — testing bypass scenarios requires genuine understanding of how students exploit timing, iframes, DOM manipulation, and DNS TTL.
- Technical communication — written bypass threat models, quality criteria documents, and performance baseline documents.
Strongly Preferred
- Performance / load testing — measuring extension performance impact and establishing baselines across device types and hardware profiles.
- Cross-browser development (Edge/Chromium) — test coverage differences and MV3 compatibility issues between Chrome and Edge.
- Web filtering / content classification — understanding of URL categorization, domain matching, and allow/block decision logic.
Nice to Have
- Data pipeline testing — ETL correctness and data quality validation.
- ChromeOS device testing — physical Chromebook or ChromeOS VM test experience; Google Admin Console force-install behavior.
- K-12 EdTech domain — understanding of how districts deploy and manage extensions.
Who You Are
- You think like an attacker when writing tests — you do not test the happy path and call it done. You document attack vectors so the implementation team designs against them.
- You have shipped production Chrome extensions and built the test infrastructure around them. You know both sides of the work.
- You treat test architecture as a first-class engineering discipline. A feature without a regression suite is not finished.
- You define what 'quality' means on a safety-critical product and produce written criteria that hold the codebase to that standard.
- You contribute to development, not just testing — this is an L5 engineering role, and your TypeScript ships alongside your test suites.
- Your bypass threat model documents are used by the implementation team to make better architecture decisions.
About Securly
Securly processes over 1.1 billion requests per day and 54 TB of data daily, protecting more than 20 million students across 20,000+ schools globally. Since pioneering the first cloud-based web filter for K-12 in 2013, Securly has built one of the most trusted, high-scale platforms for student safety, wellness, and engagement. By turning data into meaningful, actionable intelligence, Securly enables schools to identify risk earlier, reduce harmful incidents, and strengthen student support.
We are proud to be consistently recognized as a Top Place to Work, named a Top 40 Most Used EdTech platform, and included on the GSV 150 list as one of the most transformational growth companies in digital learning and workforce skills.
Benefits
- Comprehensive Health Insurance (employee, parents, spouse, children)
- Accidental & Term Life Insurance
- Learning & Development reimbursement
- Paid Time Off
- Public Holidays (10+ per year)
- Retirement Benefits (EPF & gratuity)
- Parental Leave (as per statutory norms)
Equal Opportunity Employer
Securly is an Equal Opportunity Employer committed to inclusion, fairness, and respect. We welcome applicants from all backgrounds, identities, and experiences. #LI-REMOTE #LI-DO1