Test Engineer — Breach Prevention Systems
NSS Labs, Inc. is the global leader in operationalizing cybersecurity. Through continuous security validation and global threat discovery and automation, NSS Labs empowers enterprises to reduce the operational burden of cybersecurity and address crucial gaps in their cybersecurity efforts. Informed by our experience and strong foundation of security product validation, NSS Labs offers CAWS, a cyber threat protection platform that provides businesses with visibility into the cyber kill chain and automated insights into active threats. With global visibility into active threats and vulnerabilities, CAWS delivers a unique cyber risk rating that makes cybersecurity measurable and helps enterprises focus their resources in the areas that make the most difference. Combined, this information enables businesses to continuously monitor and respond to threats, strengthen their cybersecurity posture, and have confidence that they are appropriately securing the enterprise. CISOs, security operations teams, threat researchers, and information security professionals from many of the world’s largest and most demanding enterprises rely on trusted insights from NSS Labs. For more information, visit www.nsslabs.com.
We are currently seeking a Test Engineer in Austin, Texas to assist in vendor engagements to generate, analyze, and document performance and security metrics for many different security products. This position works closely with many functions within the company to support development of new tests, build out and Maintenance of new test environments, and execute and maintain existing tests. Working with the team, this individual will support the objective, scientific, fact-based approach to testing enterprise security technologies that the market has grown to respect and depend on.
- Assist in the development of test methodology and test cases that assess the efficacy of a security technology as it pertains to enterprise use cases
- Support the build out test environments, including installation of systems and products
- Participate in on-site and remote vendor engagements
- Adherence to all test Standard Operating Procedures (SOP) including, but not limited to, test development best practices, test development workbook completion, scorecard development and engagement notes capture.
- Communicate findings to both technical and non-technical audiences
Required Skills & Qualifications
- Significant experience with one or more of our core Technology Areas: Security Event Management, Content Protection (DLP, Encryption, Access Control), Endpoint Security typically obtained in 3+ years.
- 1+ years of hands-on experience with security technology, whether network, endpoint, or operational forensics
- Significant troubleshooting skills in MS Windows and Unix/Linux environments
- Experience with TCP/IP networking, networking architectures, and troubleshooting skills, including IPv6
- Knowledge of RFC standards, specifically RFC 2544 and RFC 5180, and how they apply to networked devicesGoodknowledge of network device performance testing
- Good knowledge of network security device design
- Hands-on experience configuring server hardware and deployment of MS Windows and Linux operating systems
- Awareness of SDLC and quality assurance and how these relate to product testing
- Comfortable working with third-party vendors
- Strong English verbal and written communication skills
- Professional presentation and communication skills
- MS Windows and Linux network administration experience preferred
- Packet analysis and network protocol dissection skills, using tools such as Wireshark/Ethereal
- Software development background
- Good understanding of security software testing
- Scripting experience in Powershell, Python, Java, VBScript, Perl, Ruby, etc.
- Strong experience with network and security performance testing equipment, both hardware and software (e.g., BreakingPoint and other Ixia products, Spirent/Mu Dynamics, Tomahawk, etc.)
- Knowledge of regulatory compliance: GLBA, SOX, PCI, HIPAA and Assessment Services a plus
- CISSP or other professional certifications