Job Title:

Senior Software Quality Engineer

About Trellix:

Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at  https://trellix.com. 

Role Overview:

Hiring for a dynamic Test Engineer focused on product security for the On Prem SIEM Engineering Team

Company Overview:

Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.

About the role:

• Has a strong level of understanding of the threat landscape in their area of focus (e.g., endpoint, network, email, etc.)
• Can communicate insights about threats and our product response with internal stakeholders (Sales, PM, etc.)
• Spots trends as they are happening and contributes to research projects to address these trends
• Independently delivers production code/content for multiple engines/components for their product focus area
• Expert-level knowledge of product internals for their product focus area
• Builds "high risk" production code/content for their product focus area (e.g., blocking mode signatures, performance intensive changes, lower-level protocol/format parsing, system cleaning)
• Reviews and approves production code/content from peers and junior team members
• Participates in threat hunting initiatives (e.g., analysis of product telemetry) and incorporates findings into research and detection content initiatives
• Has sufficient understanding of the capabilities of other products to work across product focus areas to deliver solutions
• Ability to identify detection opportunities in other products and provide analysis

About You:

5+ years of professional work experience.
Deeply ingrained understanding of application security concepts
Strong familiarity with CI/CD, DevSecOps, and the entire SDLC
Understanding of a range of standardized testing approaches including application security testing tools: static (SAST), dynamic (DAST), teractive (IAST), and software composition analysis (SCA)
Ability to evaluate testing process and practices, develop and execute standard testing strategies
Strong familiarity and experience working within agile/Scrum or Kanban model
Familiarity with the OWASP Top 10 and hands-on experience with automated testing tools such as Burp Suite, Metasploit, Anchore, Snyk, and narQube
Familiarity with network analysis tools like Wireshark, Charles, and Nmap
Experience using one or more development languages/platforms: Python, Java, JavaScript, .Net, and SQL
Strong comfort level and hands-on experience with cloud security configuration
Familiarity with developing software security systems
Knowledge of relevant data compliance standards
Effective communication skills along with strong project management skills

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

Retirement PlansMedical, Dental and Vision CoveragePaid Time OffPaid Parental LeaveSupport for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.