Sure security is important but integrity is too.
Used to be, these were full software engineers embedded with dev teams, with a mission to destroy, document, and harden the apps and frameworks.
During the 2010s in all the FAANG that I’m aware of (have worked at 3), QA as a high paid American profession was completely offshored to India and responsibility for quality removed from developers concern. It’s a blocking item on the Launch Checklist. Automated testing was expected to fill the gap but has mostly been ignored.
The complicated thing is, they were kind of right, and kind of wrong. QA in some orgs were staffed by engineers who weren't "quite as good" as the development teams, and it showed. Horrible QA tools that broke frequently, QA test passes that were fragile and took forever, and just low quality bug reports. Work that should have been automated just wasn't due to a lack of talent. Part of this is because any really good engineers who started off as an SDET (Software Development Engineer in Test) ended up moving to the SDE career track after a few promos, because the career trajectory for an SDE was much better (despite the company trying to resolve this repeatedly over the years).
So basically the SDET teams had an ongoing brain drain problem.
That said, the good SDET teams were just as good, if not better, than the development teams. The really high quality test software was incredibly good. And when debugging means going through assembly code in a debugger and figuring out what is wrong, the top engineers come off looking like magicians.
But there was too much rot in the QA orgs for them to ever be agile enough for daily releases. Microsoft went with the cost cutting approach of just laying most of them off and allowing software quality to drop, as did the vast majority of other companies.
Once Microsoft got rid of their SDET career track, it became career suicide to even bother going into QA and the entire field basically died. Microsoft SDETs were on the same pay scale (and same hiring requirements) as SDEs. When i was in college my goal was to be an SDET at Microsoft, I loved the idea of being the last line of defense against bad software, of being the one responsible for protecting users around the world. (Yes I played a lot of Paladins in D&D, how'd you guess?)
I eventually achieved my goal, became an SDET on a compiler team, got to take over maintaining one of the most impressive test systems I've ever seen [1], and spent a lot of time wiping up my own drool as ARM assembly code scrolled while I tried to trace compiler bugs.
SDETs died, I moved to be an SDE. I loved being an SDET, I loved having a job that could be summarized as "be angry for the sake of the customer". I loved that I worked in a company where the most junior of SDETs could stop an entire build from going out by saying they didn't think the build met the quality bar for a release from Microsoft (something I actually did once, emotionally it is a hard thing to do!).
Unfortunately that love and passion for quality is gone from the industry.
[1]https://meanderingthoughts.hashnode.dev/how-microsoft-tested...