Threat Software Development Engineer in Test Engineer, Security Efficacy

Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. 

Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive.  Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope.

About the role

The Security Services organization is responsible for building core security products and features, such as Data Loss Prevention, web security, IPS, Malware and Threat Prevention, and Breach and Anomaly Detection. We apply artificial intelligence and machine learning technologies across the Netskope cloud security platform. As part of the Security Services organization, the security efficacy team is responsible for continuous enhancement and enrichment of our threat intelligence, and security infrastructure capabilities.

What’s in it for you

As a member of the security services team you will play a key role in the design, development and operation of the security services that power the Netskope Security Cloud. You will work across development, research and product management teams to craft innovative solutions to the most challenging problems our customers face, and use your passion for and expertise in threat protection, malware detection, web security and network security to help drive the continued evolution of our market-leading products. If you live and breathe cloud security the way we do, we would like to hear from you. 

What you will be doing

• Develop expertise in our AI security solutions, and use that expertise and your experience to help design and qualify the solution as a whole, including UI and API;
• Contribute to building a flexible and scalable test automation solution;
• Develop innovative ways to smartly measure, monitor & report application and infrastructure health;

• Help reproduce the customer issue and respond customer request;

• Work closely with the design and development team to help ensure an amazing user experience;
• Help create and implement quality processes and requirements;
• Work closely with the team to replicate customer environments and use cases;
• Identify and communicate risks about our releases. Look beyond your specific area of responsibility and ensure our solutions deliver value to our customers;
• Be able to own and make quality decisions for the solution;
• Own the release and be a customer advocate;

Required skills and experience

• 5+ years of experience in the field of SDET track record showing that you are a highly motivated individual, capable of coming up with creative, innovative and working solutions in a collaborative environment;
• Proficient in at least one of these programming languages: Python, Java, Go-Lang;
• Basic malware Threat related work experience such as 
• Malware hunting tools (.e.g.. Yara, fuzzy hashing);
• Threat research, experience in static and dynamic analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments;
• Understand features on  file structure of common file types including PE/Office/PDF/Archive/script and non-windows file types ELF/MachO;
• Knowledge about heuristic rules, feature engineering to build ML models from the features/IOCs extracted to drive the detection;
• Knowledge with the behaviors of various types of malware including trojans, ransomwares, viruses, rootkits, etc;
• Understand in deriving threat type/family name from malware across most popular file types like PE/Office/PDF/Archive/Script;
• Basic knowledge of MITRE ATT&CK framework;
• Be able to help collect the test malware sample files to validate the detection efficacy;
• Proficient in at least one of public cloud technologies such as AWS, GCP and Azure and familiar with cloud infrastructure configuration/operation, AWS preferred;
• Strong troubleshooting and problem-solving skills with the ability to perform in-depth root cause analysis to support efficient issue resolution;
• Knowledge of CI/CD systems. Experience with Jenkins and Github actions;
• Experience building test automation frameworks;
• Strong knowledge of linux systems;
• Experience with Databases (SQL and NoSQL), Messaging queue system and big data processing technologies is a big plus;
• Experience with UI/API testing is a big plus;
• Comfortable with ambiguity and taking the initiative regarding issues and decisions;
• Experience to leverage AI tool to write test case is plus;

Education

• BSCS or equivalent required, MSCS or equivalent strongly preferred

#LI-BL2

Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate.

Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.