Senior Software Quality Engineer

Job Title:

About Trellix  
Trellix is a global company redefining the future of cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.

Role Overview:

About the Role :

•  Demonstrated expertise in the Cybersecurity domain, complemented by robust test engineering proficiencies.

• Comprehensive understanding of networking fundamentals and substantial practical experience with Intrusion Detection System (IDS)/Network Detection and Response (NDR) workflows.

• In-depth knowledge of contemporary no-code/low-code orchestration paradigms employed within enterprise Security Operations Center (SOC) environments.

• Highly motivated professional exhibiting a profound commitment to and passion for software quality assurance.

• Proven capability in the authorship of test cases and development of test code, coupled with effective test execution methodologies.

• Active participation in formal Design Reviews and comprehensive Code Inspections.

• Designing and developing automated tools or frameworks to attain highly optimized and effective test coverage.

• Validation of end-to-end threat detection pipelines, encompassing packet capture, flow analysis, alert generation, and subsequent response actions.

• Ensuring inherent testability within product features and consistently measuring and analyzing code coverage data

• Performing meticulous debugging and systematic troubleshooting across a variety of local and remote testing environments, including providing in-field support when requisite.

• Effective collaboration with cross-functional teams, specifically Engineering, Detection, and Product Management.  

About You :

• A requisite of 5-10 years of professional experience in product testing and development is mandatory. This tenure must encompass expertise in code review and bug analysis, the formulation of test tools, the meticulous design of comprehensive test cases, and a substantial contribution to effective test planning.

• A profound and demonstrated understanding of networking concepts (TCP/IP, HTTP/HTTPS, DNS, VPN, Routing, Proxies, Subnets, Ports) and foundational security principles (firewalls, intrusion detection, lateral movement, malware, MITRE ATT&CK) is deemed essential.

• Practical experience is required in network traffic analysis through the utilization of industry-standard tools such as Wireshark, Zeek/Bro, Suricata/Snort, or tcpdump.

• The capacity to design and execute comprehensive test plans for Network Detection and Response (NDR) product features, specifically including detection rules, Machine Learning (ML) analytics, and alerting mechanisms, is necessary.

• Experience is expected in the testing of streaming data pipelines and event correlation mechanisms, leveraging established technologies such as Apache Kafka and Apache Flink.

• Proficiency in the validation of alert response workflows (block, isolate, enrich, forward to SIEM/SOAR) is mandated; a perspective informed by Security Operations Center (SOC) practices regarding alert quality and workflow efficacy is considered highly advantageous.

• Knowledge of prevalent security frameworks and compliance standards (MITRE ATT&CK, NIST, OCSF, etc.) is mandatory.

• Practical experience in the development of automated UI, API, and functional test scenarios utilizing Python or comparable scripting frameworks (e.g., PyTest, Selenium, Playwright) is a prerequisite.

• The candidate will be responsible for maintaining QA infrastructure and integrating automated tests into continuous integration/continuous deployment (CI/CD) pipelines (Jenkins, GitLab CI, or similar).

• Proficiency in operating within Linux-based systems and a foundational familiarity with cloud (AWS/Azure/GCP) or virtualized environments utilized for the deployment of NDR sensors and controllers is essential.

• The role necessitates collaborative engagement with detection engineers and developers to accurately reproduce reported issues, furnish high-quality defect reports, and define robust regression suites for critical detections and workflows.

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans

• Medical, Dental and Vision Coverage

• Paid Time Off

• Paid Parental Leave

• Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Our Commitment to You:

At Trellix, we are committed to creating a safe and trustworthy experience for our customers, employees, and candidates. Please be aware that fraudulent recruiting activity can occur through fake job postings or impersonated communications.

Trellix conducts interviews through professional channels only and does not use text messages, instant messaging, or group chats for interviews. We will never request sensitive personal information—such as your date of birth, Social Security number, or national ID number—during the interview process.

Trellix also does not require candidates to pay fees, purchase products or services, or process payments of any kind as part of the recruiting or hiring process. And Trellix will never keep any original work authorization documents that we may be required to review during the hiring process.