Senior Staff Software Engineer ( MacOS/ Linux Internals ) - REMOTE USA

Trellix is a global company redefining the future of cybersecurity. The company’s open and native extended detection and response (XDR) platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix’s security experts, along with an extensive partner ecosystem, accelerate technology innovation through machine learning and automation to empower over 40,000 business and government customers. More at https://trellix.com.

Want to work on (or really, really close to) the front lines of incident response?! Threat Lab’s Research and Custom Engineering (RACE) team is tasked with delivering innovative research and technical solutions to the suite of Trellix Products and ultimately Trellix customers. As a member of RACE, you will be expected to understand the threat landscape and customer needs, identify the best technologies to get the job done, and get the job done. quickly. Candidates should possess a broad technical skillset and the ability to deliver reliable software (read: you are also the QA team) in short time frames. Strong preference will be given to candidates with a background in computer security including computer and network forensics, penetration testing, reverse engineering, and intrusion detection/response.

What you will do:

• Research new and innovative ways to detect bad actors across enterprise environments
• Write, test, and maintain Python and C++ codebases (across multiple architectures and operating systems)
• Collaborate with teammates during Scrum sessions
• Promote strict code testing and validation to ensure high-quality coding standards
• Develop, ship, and support code that finds evil

Minimum Requirements:

• Minimum of 9+ years of experience in software design and development
• Minimum of 7 years of experience in programming skills with C++
• Minimum of 4 years of experience macOS operating system internals
• Strong reverse engineering experience
• Strong programming skills with interpreted languages such as Python

Functional Requirements:

• Ability to take requirements and execute projects from start to finish with minimal supervision
• Experience developing, testing, and shipping reliable software capabilities
• Experience designing and implementing highly scalable and performant code
• Ability to clearly communicate and collaborate
• Discipline to conduct thorough quality assurance and deliver high quality code

Desired Qualification:

• Experience in one or more cyber security domains (e.g., forensics, cryptography, vulnerability research, etc.)
• Strong knowledge in Windows, macOS and/or Linux forensics
• Knowledge of internals of Python and other interpreted languages
• Understanding of one or more operating system internals from user land to kernel land
• Experience implementing Serverless/ Cloud computing solutions
• Experience applying machine learning solutions

Check out these blog posts to get a better idea of some of the (published) work we’ve done!

• Investigating Lateral Movement with Logon Tracker
• COOKIEJAR: Tracking Adversaries With FireEye Endpoint Security’s Logon Tracker Module
• Introducing pywintrace: A Python Wrapper for ETW
• Digging Up the Past: Windows Registry Forensics Revisited

FireEye Security is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

Minimum Salary: $150,000. Final salary will be determined commensurately with cost of living, experience level, and/or any other legally permissible considerations.

Incentive Compensation: Eligibility for annual bonus subject to individual and company performance; eligibility for award of Restricted Stock Units subject to eligibility requirements, approval from FireEye’s Compensation Committee, and vesting terms

Benefits: Employer subsidized benefits include Medical, Dental, Vision, Life, and Disability Insurance. Subject to eligibility requirements, FireEye also offers the ability to participate in 401(k), Flexible Spending Accounts, Health Savings Accounts, Dependent Care Spending Accounts, and Employee Stock Purchase Program. FireEye also provides Paid Time Off, Flexible Paid Sick Time, and Paid Holidays.

• Disclosure as required by sb19-085 (8-5-20)

Mandiant (formerly FireEye) has announced the sale of its Products business to Symphony Technology Group. Learn more about the sale here: https://www.fireeye.com/company/press-releases/2021/fireeye-announces-sale-of-fireeye-products-business-to-symphony-technology-group.html. This position will be part of the FireEye Security organization under the purchasing company. Our new company's security portfolio protects customers across endpoints, infrastructure, applications, and in the cloud. We will accelerate efforts to develop an integrated security platform powered by artificial intelligence and automation for superior threat detection and prevention.