Principal Security Research Engineer

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance. We help secure the most trusted brands on Earth with our Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) solutions. Leveraging a unique combination of dedicated security experts, intelligent process, and advanced technology, NetSPI brings a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at www.netspi.com/careers.

This role will research & develop solutions to mitigate aggressive endpoint security stacks (EDRs), allowing us to do more realistic Red Team operations, accurately assess detection coverage in our Breach and Attack Simulations (BAS), and thoroughly enumerate all attack surfaces in our network penetration testing engagements.

This role may also assist in the development of other solutions to commonly shared problems across service lines as we evolve our approach and reduce the friction described above. This role may also assist on additional post-exploitation techniques and C2 tooling as needed.

Responsibilities:

• Researching and developing technical solutions to reduce detection friction across our service lines
• Collecting data which enables fast and wise decisions about tooling and techniques as appropriate for each service line
• Collaborating to maintain a lab of common detection telemetry sources found in typical customer environments and baselining our library of techniques and tooling against them
• Developing new and novel ways to bypass, unhook, evade, disable, or otherwise defeat these detection controls
• Sharing techniques across these service lines in a proper format , i.e. the newest and most stealthy techniques are to be used in our Red Team practice first and foremost before being leveraged in Breach and Attack Simulation or Network Service Lines.

Requirements:

• C/C++ development experience on Windows with the Windows API
• Experience with multi-stage malware, both on the development and detection side, i.e. knowing both sides of the same coin
• GoLang, Python, or other secondary languages for automating supporting processes
• Exposure or desire to develop stagers and payloads on other platforms (i.e. MacOS, *nix)
• Experience with automated deployments of ephemeral infrastructure
• The ability to give technical presentations of this type of work, both internally and publicly as requested

#LI-remote

This position is currently accepting applications.

Apply Now