AV Whitelisting, Endpoint Security Compatibility Engineer

📋 Description

• Assess antivirus and EDR alerts impacting our applications

• Examine false positives from:

• - Microsoft Defender

• - CrowdStrike

• - SentinelOne

• - Sophos

• - Bitdefender

• - ESET

• - Kaspersky

• Collaborate with engineering teams to pinpoint behaviors that trigger alerts

• Enhance software trust and reputation frameworks

• Oversee AV vendor submissions and the whitelisting procedures

• Evaluate:

• - installers

• - auto-update systems

• - drivers/services

• - network behavior

• - persistence mechanisms

• Suggest enhancements for:

• - code signing

• - EV certificates

• - Windows SmartScreen reputation

• - binary integrity

• - release pipelines

• Conduct static and dynamic analysis of binaries as necessary

• Engage directly with antivirus vendors and security teams

⛳️ Requirements

• Significant experience as an application security consultant or in a related position

• Strong comprehension of Windows internals

• Familiarity with antivirus and EDR solutions

• Knowledge of malware analysis or reverse engineering techniques

• Understanding of reputation-based detection mechanisms

• Excellent interpersonal communication abilities

🏝️ Benefits

• Competitive salary based on experience and expertise

• Flexible remote-first working arrangement

• Opportunity to contribute to large-scale networking and infrastructure products

• Direct influence on product trust, reputation, and large-scale distribution

• Access to state-of-the-art Windows security and endpoint protection challenges

• Collaborate closely with experienced engineering and infrastructure teams