Tenable is looking for a Research Engineer to join our vulnerability detections research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.

Your Opportunity:

• Works on advanced research and development initiatives
• Implements advanced detection logic while minimizing false positives & false negatives
• Participates in detection logic discussions and the research of new methods for detection
• Interfaces with stakeholders on externalizing the outcomes of some of the research
• Helps other researchers on the team, when needed

• Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
• Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings
• Research and develop methods of detection for additional services and products from different vendors
• Demonstrably strong programming skills in two or more languages
• Ability and experience in showcasing original research externally – via blogs, white-papers, etc.
• Ability to work independently as a researcher as well as part of a larger team
• Experience working with multiple operating systems (proficiency with Linux a must)
• Excellent written and verbal communication skills
• Adaptable and able to shift priorities among initiatives, as needed
• Meticulous in terms of quality & accuracy of work
• Initiative and drive to explore and learn continually
• B.S. degree in Computer Science or a related field, or equivalent work experience
• At least 2 years of R&D experience

And Ideally:

• Some prior experience performing open-ended security research when given high-level requirements and details of the desired outcome
• Understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
• Protocol analysis and interaction. Knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Experience with pen-testing, researching, discovering, or publishing vulnerabilities
• Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
• Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and / or scripting languages
• Experience with systems administration and be comfortable working at the command line
• One or more security related certifications (e.g. OSCP)

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.