Tenable
Senior Research Engineer - C/C++, Reverse Eng. Wireshark/Shodan
Tenable, Columbia, Maryland, United States, 21046
US - Headquarters - Maryland - Columbia
Who is Tenable? Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!
What makes Tenable such a great place to work? Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best‑in‑class cybersecurity solutions for our customers, all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Your Role Tenable is looking for a Senior Research Engineer to join our security research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.
Responsibilities
Work on complex research and development initiatives
Implement advanced detection logic while minimizing false positives & false negatives
Participate in detection logic discussions and the research of new methods for detection
Interface with stakeholders on externalizing the outcomes of some of the research
Help / train other researchers, when needed
What You'll Need
Able to work at Columbia, MD Headquarters (3 days per week, subject to change)
Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings
Research and develop methods of detection for additional services and products from different vendors
Experience with Wireshark and/or Shodan or similar tools
Demonstrably strong programming skills in C or C++; Perl or Python experience is preferred
Ability and experience in showcasing original research externally – via blogs, white‑papers, etc.
Ability to work independently as a researcher as well as part of a larger team
Experience working with multiple operating systems (proficiency with Linux a must)
Excellent written and verbal communication skills
Adaptable and able to shift priorities as needed
Meticulous in terms of quality & accuracy of work
Willingness to explore and learn
B.S. degree in Computer Science or a related field, or equivalent work experience
At least 5 years of R&D experience
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
In‑depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
Some prior experience performing open‑ended research when given high‑level requirements and details of the desired output
Experience with pen‑testing, researching, discovering, or publishing vulnerabilities
Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
One or more security related certifications (e.g. OSCP)
Experience with systems administration and be comfortable working at the command line
#LI‑Hybrid #LI‑LP1
This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non‑sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company‑paid holidays; health and wellness events; and community programs.
US Pay Ranges
$113,000 - $151,000 USD
We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance.
#J-18808-Ljbffr
Who is Tenable? Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!
What makes Tenable such a great place to work? Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best‑in‑class cybersecurity solutions for our customers, all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Your Role Tenable is looking for a Senior Research Engineer to join our security research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.
Responsibilities
Work on complex research and development initiatives
Implement advanced detection logic while minimizing false positives & false negatives
Participate in detection logic discussions and the research of new methods for detection
Interface with stakeholders on externalizing the outcomes of some of the research
Help / train other researchers, when needed
What You'll Need
Able to work at Columbia, MD Headquarters (3 days per week, subject to change)
Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings
Research and develop methods of detection for additional services and products from different vendors
Experience with Wireshark and/or Shodan or similar tools
Demonstrably strong programming skills in C or C++; Perl or Python experience is preferred
Ability and experience in showcasing original research externally – via blogs, white‑papers, etc.
Ability to work independently as a researcher as well as part of a larger team
Experience working with multiple operating systems (proficiency with Linux a must)
Excellent written and verbal communication skills
Adaptable and able to shift priorities as needed
Meticulous in terms of quality & accuracy of work
Willingness to explore and learn
B.S. degree in Computer Science or a related field, or equivalent work experience
At least 5 years of R&D experience
In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
In‑depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
Some prior experience performing open‑ended research when given high‑level requirements and details of the desired output
Experience with pen‑testing, researching, discovering, or publishing vulnerabilities
Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
One or more security related certifications (e.g. OSCP)
Experience with systems administration and be comfortable working at the command line
#LI‑Hybrid #LI‑LP1
This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non‑sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company‑paid holidays; health and wellness events; and community programs.
US Pay Ranges
$113,000 - $151,000 USD
We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance.
#J-18808-Ljbffr