Your Role:
Tenable is looking for a Senior Research Engineer to join our security research team. This position will involve researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.
Your Opportunity:

Works on complex research and development initiatives  Implements advanced detection logic while minimizing false positives & false negatives Participates in detection logic discussions and the research of new methods for detection  Interfaces with stakeholders on externalizing the outcomes of some of the research Helps / trains other researchers, when needed

What You'll Need:

Able to work at Columbia, MD Headquarters (3 days per week, subject to change) Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings Research and develop methods of detection for additional services and products from different vendors Experience with Wireshark and/or Shodan or similar tools Demonstrably strong programming skills in C or C++. **Perl or Python experience is preferred Ability and experience in showcasing original research externally – via blogs, white-papers, etc. Ability to work independently as a researcher as well as part of a larger team Experience working with multiple operating systems (proficiency with Linux a must) Excellent written and verbal communication skills Adaptable and able to shift priorities as needed Meticulous in terms of quality & accuracy of work Willingness to explore and learn B.S. degree in Computer Science or a related field, or equivalent work experience At least 5 years of R&D experience In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing Some prior experience performing open-ended research when given high-level requirements and details of the desired output Experience with pen-testing, researching, discovering, or publishing vulnerabilities Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb) One or more security related certifications (e.g. OSCP) Experience with systems administration and be comfortable working at the command line

#LI-Hybrid #LI-LP1