Job Description
We’re building a greenfield web platform delivering modern, cloud-based dental
practice experiences aligned with Sensei Cloud. The application is modular in nature and will
grow over time.
As a QA Engineer, you will be a core contributor to quality across both the Rails API backend
and the React frontend — ensuring that features are correct, compliant, and performant before
they reach dental practice users.
Your primary ownership area is test strategy, test automation, and quality gates: designing and
maintaining E2E test suites, validating API contracts, catching regressions, and enforcing
compliance standards in a HIPAA-regulated healthcare environment. You will collaborate
directly with engineers to make TDD workflows effective and will own the automation layer that
gives the team confidence to ship at pace.
You will work within a Human → AI → Human engineering workflow, using AI tools to accelerate
test authorship and coverage analysis
Primary Responsibilities (QA / Test Automation)
- Design, build, and maintain an automated test suite covering E2E, integration, and API-contract layers across the Rails backend and React frontend
- Own and maintain Playwright E2E test suites covering critical user journeys (scheduling, provider workflows, huddle boards, patient lookups, authentication)
- Collaborate with engineers on RSpec integration and unit test coverage — reviewing test quality, identifying gaps, and contributing tests where needed
- Define and enforce quality gates in the CI/CD pipeline: test pass thresholds, coverage floors, Brakeman/bundler-audit clean runs, and ESLint/RuboCop compliance
- Develop and maintain test data strategies using synthetic data exclusively — patient names with -SYN suffix, IDs with SYNTHETIC_ prefix — ensuring no PHI enters any test artifact
- Validate data mapping correctness across dental practice management systems (DPMS): Orthotrac, PracticeWorks, SoftDent, WinOMS, and others
- Write and maintain VCR cassettes and WebMock stubs for external HTTP integrations, ensuring tests remain deterministic and do not call live services
- Review and triage Brakeman security findings, coordinating remediation with engineers before PRs are merged
- Perform exploratory testing against staging environments, filing clear, reproducible bug reports with steps, environment context, and expected vs. actual behavior
- Maintain and evolve the QA section of the AI Code Review Checklist as the team’s practices mature
Shared (Full-Stack Quality)
Participate in pull request reviews with a quality and compliance lens: PHI exposure, OWASP Top 10 risks, hardcoded secrets, overly broad rescue blocks, invalid dependencies
Collaborate with frontend-focused engineers to ensure React components and TanStack Query state management are covered by meaningful tests
Contribute to and validate API contract tests as the Rails API evolves
Participate in AI-augmented development workflows, reviewing AI-generated tests for correctness, hallucinated mocks, and phantom assertions
Proactively update test documentation, coverage reports, and QA runbooks when behavior or architecture changes
Proven experience designing and maintaining automated test suites across backend APIs and frontend UIs
Hands-on Playwright experience for E2E testing of modern React applications
Solid understanding of RSpec — able to read, write, and review unit/integration specs confidently
Strong knowledge of test data management: fixture design, factory patterns (FactoryBot), synthetic data conventions
Experience with HTTP stubbing strategies (WebMock, VCR, or equivalents) for reliable integration tests
Familiarity with CI/CD pipelines and the role of automated quality gates (GitHub Actions or equivalent)
Comfortable reading Rails application code and React component code to understand behavior and identify testable contracts
Working knowledge of REST API design — able to test endpoints using request specs or API clients independently of the UI
Familiarity with Git-based workflows, pull requests, and conventional commits AI-Augmented Development (Required)
Hands-on experience using AI coding assistants (e.g., Claude Code, GitHub Copilot, Cursor) for test generation and coverage analysis
Clear understanding of the Human → AI → Human review loop — AI generates, humans validate; no phantom assertions or hallucinated mocks ship
Ability to critically evaluate AI-generated tests for correctness: mock contracts that match real API behavior, assertions that would actually catch regressions
Awareness of AI traceability practices: commit trailers, review checklists, prompt hygiene HIPAA & Compliance Awareness (Required)
Strong understanding that Protected Health Information (PHI) must never appear in tests, test fixtures, VCR cassettes, logs, screenshots, or CI artifacts
Discipline around synthetic data usage — no real patient names, DOBs, addresses, or record IDs in any test asset
Ability to identify PHI exposure risks in test code during PR review
Comfort working exclusively with mock or synthetic data environments
Awareness of OWASP Top 10 and secure coding patterns relevant to test design (e.g., authentication bypass risks in test setup)
Preferred / Nice-to-Have Qualifications
Experience testing healthcare or dental SaaS applications
Familiarity with dental practice management system data models or healthcare data normalization workflows
Experience with Azure Cosmos DB data structures and how to assert against document-shaped responses
Prior work in a TDD/BDD environment with red-green-refactor discipline
Experience with performance or load testing (k6, Locust, or equivalent) for API endpoints
Familiarity with Kamal-based deployment workflows and containerized staging environments
Experience writing or maintaining Cucumber/Gherkin feature specs in collaborative QA environments
Healthcare data exchange familiarity (HL7, FHIR, or dental-specific formats)
Playwright component testing or visual regression testing experience
Work remotely Monday - Friday, 40 hours a week (no weekends)
Health Care Reimbursement
Active Lifestyle Reimbursement
Quarterly Home Office Reimbursement
Did we mention it’s REMOTE?!!
One of our core values at Zipdev is “Be authentic.” that’s why we encourage you to answer the application form in your own words; we are interested in getting to know you, not a digital assistant.
Wondering how our remote environment or our payment method work? We’ve put together some helpful answers in our FAQs at the bottom our our career site. Take a look and let us know if you have any other questions!
