Staff Vulnerability Researcher - Office of the CTO

Who is Tenable?

Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!

What makes Tenable such a great place to work?

Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!

Your Role:

The Staff Vulnerability Researcher will be involved with researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.

Your Opportunity:

• Works on complex research and development initiatives
• Implements advanced detection logic while minimizing false positives & false negatives
• Participates in detection logic discussions and the research of new methods for detection
• Interfaces with stakeholders on externalizing the outcomes of some of the research
• Helps / trains other researchers, when needed
• Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
• Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings
• Research and develop methods of detection for additional services and products from different vendors

• May perform other duties and responsibilities that management may deem necessary from time to time

What You'll Need:

• B.S. degree in Computer Science or a related field, or equivalent work experience
• At least 5 years of R&D experience
• In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
• In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Some prior experience performing open-ended research when given high-level requirements and details of the desired output
• Experience with pen-testing, researching, discovering, or publishing vulnerabilities
• Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
• Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and / or scripting languages
• One or more security related certifications (e.g. OSCP)
• At least a years’ experience with Nessus Sensor and working with the NASL language
• An understanding of NASL coding standards
• Prior experience performing open-ended research when given high-level requirements and details of the desired output
• Some experience with reviewing code and providing feedback
• Experience with understanding and implementing RFC standards and protocols.
• Experience with Python programming language
• Experience with systems administration and be comfortable working at the command line
• In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
• In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Some prior experience performing open-ended research when given high-level requirements and details of the desired output
• Some exposure to security standards such as NIST 800-53, CIS, or DISA STIGS
• In-depth protocol analysis and interaction. Solid knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Experience with crash dump analysis and exploit development
• Experience writing blogs and whitepapers to showcase research as well as presenting at security conferences

• Ability to sit and work at a computer for extended periods of time
• Some travel may be required

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact [email protected] for further assistance.

Tenable Data Consent Statement

Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review.

For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.