About the role

The Security Services organization is responsible for building core security products and features, such as Data Loss Prevention, IPS, Malware and Threat Prevention, Cloud Confidence Index, and Breach and Anomaly Detection. We apply Artificial Intelligence and Machine Learning technologies across the Netskope cloud security platform. As part of the Security Services org, the Security Efficacy team is responsible for continuous enhancement and enrichment of our malware detection, URL filtering, web security, IPS, threat modeling, and SaaS/IaaS security capabilities.

What you will be doing

• Design and develop novel detection mechanisms to detect malware and Advanced threats.  
• Be the end-to-end owner of malware detection features and help to improve detection efficacy by implementing new features and product improvements.  
• Ensure continuous high efficacy on all Netskope products, through well designed internal testing and collaboration with 3rd-party testing agencies;
• Respond to customer escalations. Cover latest threat discovered. Ensure the detection efficacy of Netskope threat protection.
• Work closely with data scientists, threat researchers, software engineers and QE engineers ensure our solutions deliver continuous security values to end customers;
• Document security content release process, testing methodology, testing environment and results. Be the end-to-end owner of security efficacy SOPs;
• Be an evangelist of secure SDLC within the company;
• Collaborate with the data analytics team to define new platform requirements and continuously improve our horizontally scalable data lake.
• Lead in-depth research into emerging cyber threats, malware, APT groups, and TTPs (Tactics, Techniques, and Procedures).

Qualifications/Requirements

• First of all, candidates must have a true startup spirit. Be willing to wear multiple hats and deliver end-to-end
• 5+ years industry experience in Malware detection engine development (i.e. AVEngine, Sandbox)
• Experience with Malware detection engines and building/tuning sandbox.
• 5+ years experience in Malware Analysis and Reverse Engineering
• Experience in malware hunting tools (.e.g.. Yara, fuzzy hashing)
• Background in threat research, experience in static and dynamic analysis tools (e.g., IDA Pro, Ghidra), network analysis tools (e.g., Wireshark, Zeek), and sandbox environments.
• Understand and comfortable with parsing file structure of common file types including PE/Office/PDF.
• Familiar with the behaviors of various types of malware including trojans, ransomwares, viruses, rootkits, etc
• Strong understanding of network protocols, system internals (Windows, Linux), and attack techniques such as fileless malware, obfuscation, and evasion.
• Rich experience in Python programming. 
• Working knowledge of SQL and NoSQL databases
• Familiarity with Git version control, CI/CD pipelines, bug tracking tools, etc.
• Hands-on experience in public cloud infrastructure (AWS, GCP, or Azure) is plus
• Design and develop accurate, high-quality signatures and detection rules for threat detection systems
• Strong problem-solving and analytical skills, with an ability to think critically about threat detection and mitigation strategies.
• Familiarity with MITRE ATT&CK framework and how it maps to threat detection and signature development.
• Energetic self-starter, with the desire to work in a dynamic fast-paced environment
• Excellent verbal and written communication skills
• Data mining and machine learning experience highly desirable
• Working knowledge of big data platform highly desirable
• Ability to influence without authority
• Ability of thinking out-of-box and evaluating results based on customer value

Education

• BS or MS in Computer Science or equivalent technical degree

#LI-NN1