Senior Vulnerability Research Engineer

last updated November 23, 2024 1:28 UTC

Tenable, Inc.

HQ: Remote

more jobs in this category:

Your Role:

Tenable is looking for a Senior Research Engineer to join our 0-day security research team. This position will involve exploring the attack surface area of various software and systems, looking for new vulnerabilities, developing checks/plugins to detect these vulnerabilities via our products and coordinating disclosure of the 0-days found with vendors.

Your Opportunity:

  • Works on complex research and development initiatives

  • Implements advanced detection logic while minimizing false positives & false negatives

  • Participates in detection logic discussions and the research of new methods for detection

  • Interfaces with stakeholders on externalizing the outcomes of some of the research

  • Helps / trains other researchers, when needed

What you’ll need:

  • Proven track record of discovering 0-day vulnerabilities

  • Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure

  • Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings

  • Research and develop methods of detection for additional services and products from different vendors

  • Demonstrably strong programming skills in one or more languages

  • Ability and experience in showcasing original research externally – via blogs, white papers, etc.

  • Ability to work independently as a researcher as well as part of a larger team

  • Experience working with multiple operating systems

  • Excellent written and verbal communication skills

  • Adaptable and able to shift priorities as needed

  • Meticulous in terms of quality & accuracy of work

  • Willingness to explore and learn

  • B. S. degree in Computer Science or a related field, or equivalent work experience

  • At least 5 years of R&D experience

  • In depth understanding of common security vulnerabilities, vulnerability classification, detection and exploitation techniques.

  • Reverse engineering experience including binary analysis, packet capture analysis, and firmware analysis (using binwalk or other). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)

  • Experience with crash dump analysis and some exploit development.

  • In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing

  • Some prior experience performing open-ended research when given high-level requirements and details of the desired output.

  • Experience with researching, discovering, and publishing vulnerabilities

  • Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and scripting languages

  • Experience writing blogs and whitepapers to showcase research as well as presenting at security conferences

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable – through all equal employment opportunity laws and regulations at the international, federal, state and local levels.

Shopping Cart
There are no products in the cart!
Total
 0.00
Checkout
0