Senior Test Engineer - Endpoint Detection and Response
NSS Labs, Inc. is the global leader in operationalizing cybersecurity, empowering enterprises by providing relevant information to reduce the operational burden of cybersecurity and address crucial gaps in their cybersecurity efforts. Our unmatched and well-respected foundation in security testing, along with our enterprise research and global threat analysis capabilities, provide the basis for our CAWS Continuous Security Validation Platform, an advanced platform that substantiates the effectiveness of enterprise security controls and uncovers unmitigated risks to enterprise systems. Using fact-based threat data and objective risk information, CAWS enables businesses to strengthen their cyber risk posture, continuously validate their security controls and take timely action to mitigate threats to their Operating Systems and applications. CISOs, Chief Security Architects, SOC and Threat Analysts, and SOC and information security professionals from many of the world's largest and most demanding enterprises rely on trusted insights from NSS Labs. For more information, visit www.nsslabs.com.
The Senior Test Engineer will interact directly with vendors to generate, analyze, and document performance and security metrics for many different security products. This position works closely with many functions within the company to develop new tests, build out and maintain new test environments, and execute and maintain existing tests. As the expert responsible for testing a security technology from harness concept through to operation and maintenance, this individual will support the objective, scientific, fact-based approach to testing enterprise security technologies that the market has grown to respect and depend on.
- Development of test methodology and test cases that assess the efficacy of a security technology as it pertains to enterprise use cases.
- Build out test environments, including installation of systems and products.
- Conducting and/or overseeing on-site and remote vendor engagements.
- Adherence to all test Standard Operating Procedures (SOP) including, but not limited to, test development best practices, test development workbook completion, scorecard development and engagement notes capture.
- Participate in the creation of thought leadership pieces (delivered as webinars or research papers) that assist enterprises in their decision making.
- Communicate findings to both technical and non-technical audiences.
- Overseeing the execution of tests according to methodological concepts.
- Engage with and support enterprise clients to ensure the use cases and testing represent the challenges faced in product deployment.
Required Skills and Experiences:
- Familiarity with endpoint security technologies or vendors; examples include CrowdStrike, Cylance, SentinelOne, and Tanium. Relevant technologies include anti-exploitation, malware signature recognition, model-based static analysis, external sandboxing, virtualized dynamic analysis, and execution flow hardening.
- 3+ years of hands-on experience with endpoint security technology.
- Expert troubleshooting skills in MS Windows and Unix/Linux environments.
- Experience and familiarity with concepts of penetration testing/red-teaming, from recon to backdooring & exfiltration.
- Familiarity with offensive tools and frameworks (nishang, PSEmpire, Death Star, mimikatz, Burp, Zap, RedSnarf, crypters, packers, etc.).
- Packet analysis and network protocol dissection skills, using tools such as Wireshark/Ethereal.
- Knowledge of the OSI model and attack/defense for each layer.
- Working understanding of basic application security.
- Knowledge of the fundamentals of malware analysis.
- Hands-on experience configuring server hardware and deployment of MS Windows and Linux operating systems.
- MS Windows and Linux network administration experience.
- Awareness of SDLC and quality assurance and how these relate to product testing.
- Strong English verbal and written communication skills.
- Professional presentation and communication skills.
- Comfortable working with third-party vendors.
- Previous SOC Analyst or forensic security experience.
- Software development background.
- Good understanding of security software testing.
- Penetration testing experience.
- Administration experience of a VMware environment (preferably using PowerCLI).
- Scripting experience in PowerShell, Python, Java, VBScript, Perl, Ruby, etc.
- Familiarity with modern methods of network and endpoint attack and compromise, including multi-part persistence, binary hacking, staged and stageless attacks, fileless malware, and advanced antivirus evasion.
- Knowledge of regulatory compliance: GLBA, SOX, PCI, HIPAA and Assessment Services a plus.
- CISSP, CPT, OSCP, or other professional certifications.
At NSS Labs, we hire innovative and talented individuals with a passion for leading-edge technology. We have a culture of innovation, where quality, originality, and “thinking outside the box” are encouraged. Our leadership fosters professional growth and support, all within a fast-paced environment.
Located in Austin, Texas, NSS Labs offers its team members competitive compensation, medical and dental, and 401(k) benefits. If you feel you have the passion, dedication, and expertise that match our unique company, apply to join our team!
Third party resumes are not currently being accepted. NSS Labs, Inc. will not pay a fee for unsolicited resumes.