Job Title:
Senior Software Quality Engineer
About Trellix:
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.
Role Overview:
Hiring for a dynamic Test Engineer focused on product security for the On Prem SIEM Engineering Team
About the role:
- Has a strong level of understanding of the threat landscape in their area of focus (e.g., endpoint, network, email, etc.)
- Can communicate insights about threats and our product response with internal stakeholders (Sales, PM, etc.)
- Spots trends as they are happening and contributes to research projects to address these trends
- Independently delivers production code/content for multiple engines/components for their product focus area
- Expert-level knowledge of product internals for their product focus area
- Builds "high risk" production code/content for their product focus area (e.g., blocking mode signatures, performance intensive changes, lower-level protocol/format parsing, system cleaning)
- Reviews and approves production code/content from peers and junior team members
- Participates in threat hunting initiatives (e.g., analysis of product telemetry) and incorporates findings into research and detection content initiatives
- Has sufficient understanding of the capabilities of other products to work across product focus areas to deliver solutions
- Ability to identify detection opportunities in other products and provide analysis
About You:
- 5+ years of professional work experience.
- Deeply ingrained understanding of application security concepts
- Strong familiarity with CI/CD, DevSecOps, and the entire SDLC
- Understanding of a range of standardized testing approaches including application security testing tools: static (SAST), dynamic (DAST), teractive (IAST), and software composition analysis (SCA)
- Ability to evaluate testing process and practices, develop and execute standard testing strategies
- Strong familiarity and experience working within agile/Scrum or Kanban model
- Familiarity with the OWASP Top 10 and hands-on experience with automated testing tools such as Burp Suite, Metasploit, Anchore, Snyk, and narQube
- Familiarity with network analysis tools like Wireshark, Charles, and Nmap
- Experience using one or more development languages/platforms: Python, Java, JavaScript, .Net, and SQL
- Strong comfort level and hands-on experience with cloud security configuration
- Familiarity with developing software security systems
- Knowledge of relevant data compliance standards
- Effective communication skills along with strong project management skills
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.