Description
NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance. We help secure the most trusted brands on Earth with our Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) solutions. Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers .
This role will research & develop solutions to mitigate aggressive endpoint security stacks (EDRs), allowing us to do more realistic Red Team operations, accurately assess detection coverage in our Breach and Attack Simulations (BAS), and thoroughly enumerate all attack surfaces in our network penetration testing engagements.
This role may also assist in the development of other solutions to commonly shared problems across service lines as we evolve our approach and reduce the friction described above. This role may also assist on additional post-exploitation techniques and C2 tooling as needed.
Responsibilities
Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
By continually advancing solutions such as Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.
NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance. We help secure the most trusted brands on Earth with our Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) solutions. Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers .
This role will research & develop solutions to mitigate aggressive endpoint security stacks (EDRs), allowing us to do more realistic Red Team operations, accurately assess detection coverage in our Breach and Attack Simulations (BAS), and thoroughly enumerate all attack surfaces in our network penetration testing engagements.
This role may also assist in the development of other solutions to commonly shared problems across service lines as we evolve our approach and reduce the friction described above. This role may also assist on additional post-exploitation techniques and C2 tooling as needed.
Responsibilities
- Researching and developing technical solutions to reduce detection friction across our service lines
- Collecting data which enables fast and wise decisions about tooling and techniques as appropriate for each service line
- Collaborating to maintain a lab of common detection telemetry sources found in typical customer environments and baselining our library of techniques and tooling against them
- Developing new and novel ways to bypass, unhook, evade, disable, or otherwise defeat these detection controls
- Sharing techniques across these service lines in a proper format , i.e. the newest and most stealthy techniques are to be used in our Red Team practice first and foremost before being leveraged in Breach and Attack Simulation or Network Service Lines.
- C/C++ development experience on Windows with the Windows API
- Experience with multi-stage malware, both on the development and detection side, i.e. knowing both sides of the same coin
- GoLang, Python, or other secondary languages for automating supporting processes
- Exposure or desire to develop stagers and payloads on other platforms (i.e. MacOS, *nix)
- Experience with automated deployments of ephemeral infrastructure
- The ability to give technical presentations of this type of work, both internally and publicly as requested
Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.
By continually advancing solutions such as Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS), NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence.
NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, three of the five largest healthcare companies, four MAMAA companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.
EOE Statement We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Engineering and Information Technology -
Industries
Computer and Network Security
Referrals increase your chances of interviewing at NetSPI by 2x
See who you knowGet notified about new Principal Research Engineer jobs in United States.
Sign in to create job alertSimilar Searches
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub