Senior Test Engineer - Endpoint Detection
We test the world’s security products. Based in Austin, Texas, our research and testing laboratory is recognized globally as the most trusted source for independent, fact-based cybersecurity guidance.
NSS Labs’ reputation is built on millions of hours of real-world testing. Over the years we have found flaws in thousands of security products across numerous technologies. Our in-depth security testing programs provide our clients with the relevant information they need to support investments in their cyber programs.
C-Suite executives and information security professionals from many of the world's most demanding enterprises rely on NSS Labs to accelerate security decisions with greater confidence.
**This position is located in Austin, TX. Relocation is offered**
NSS Labs is seeking a Senior Test Engineer in Austin, Texas to interact directly with vendors to generate, analyze, and document performance and security metrics for many different security products. This position works closely with many functions within the company to develop new tests, build out and maintain new test environments, and execute and maintain existing tests. As the expert responsible for testing a security technology from harness concept through to operation and maintenance, this individual will support the objective, scientific, fact-based approach to testing enterprise security technologies that the market has grown to respect and depend on.
- Develop test methodology and test cases that assess the efficacy of a security technology as it pertains to enterprise use cases.
- Build out test environments, including installation of systems and products.
- Conduct and/or oversee on-site and remote vendor engagements.
- Adhere to all test Standard Operating Procedures (SOPs), including, but not limited to, test development best practices, test development workbook completion, scorecard development, and engagement notes capture.
- Participate in the creation of thought leadership pieces (delivered as webinars or research papers) that assist enterprises in their decision making.
- Communicate findings to both technical and non-technical audiences.
- Oversee the execution of tests according to methodological concepts.
- Engage with and support enterprise clients to ensure the use cases and testing represent the challenges faced in product deployment.
Required Skills and Experiences:
- Familiarity with endpoint security technologies or vendors (examples include CrowdStrike, Cylance, SentinelOne, Tanium) and with technologies such as anti-exploitation, malware signature recognition, model-based static analysis, external sandboxing, virtualized dynamic analysis, and execution flow hardening.
- 3+ years of hands-on experience with endpoint security technology.
- Expert troubleshooting skills in MS Windows and Unix/Linux environments.
- Experience and familiarity with concepts of penetration testing/red-teaming, from recon to backdooring & exfiltration.
- Familiarity with offensive tools and frameworks (nishang, PSEmpire, Death Star, mimikatz, Burp, Zap, RedSnarf, crypters, packers, etc.).
- Packet analysis and network protocol dissection skills, using tools such as Wireshark/Ethereal.
- Knowledge of the OSI model and attack/defense for each layer.
- Working understanding of basic application security.
- Knowledge of the fundamentals of malware analysis.
- Hands-on experience configuring server hardware and deployment of MS Windows and Linux operating systems.
- MS Windows and Linux network administration experience.
- Awareness of SDLC and quality assurance and how these relate to product testing.
- Strong English verbal and written communication skills.
- Professional presentation and communication skills.
- Comfortable working with third-party vendors.
- Previous SOC Analyst or forensic security experience.
- Software development background.
- Good understanding of security software testing.
- Penetration testing experience.
- Administration experience of a VMware environment (preferably using PowerCLI).
- Scripting experience in PowerShell, Python, Java, VBScript, Perl, Ruby, etc.
- Familiarity with modern methods of network and endpoint attack and compromise, including multi-part persistence, binary hacking, staged and stageless attacks, fileless malware, and advanced antivirus evasion.
- Knowledge of regulatory compliance: GLBA, SOX, PCI, HIPAA and Assessment Services a plus.
- CISSP, CPT, OSCP, or other professional certifications.
At NSS Labs, we hire innovative and talented individuals with a passion for leading-edge technology. We have a culture of innovation, where quality, originality, and “thinking outside the box” are encouraged. Our leadership fosters professional growth and support, all within a fast-paced environment.
Located in Austin, Texas, NSS Labs offers its team members competitive compensation, medical and dental, and 401(k) benefits. If you feel you have the passion, dedication, and expertise that match our unique company, apply to join our team!
Third party resumes are not currently being accepted. NSS Labs, Inc. will not pay a fee for unsolicited resumes.
NSS Labs provides equal employment opportunities to all employees and applicants for employment without regard to race, religion, color, national origin, ancestry, sex (including pregnancy), disability, age (40 and older), marital status, sexual orientation, gender identity or expression, genetic information, medical condition, veteran or military status, or any other characteristic protected by law. Equal employment opportunity applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, transfer, leave of absence, compensation, and training.