Staff Vulnerability Researcher - Office of the CTO

The Staff Vulnerability Researcher will be involved with researching existing vulnerabilities, looking for new vulnerabilities, and developing checks/plugins to detect these vulnerabilities via our products. This role will involve some interfacing with stakeholders outside the Research team.

Your Opportunity:

• Works on complex research and development initiatives
• Implements advanced detection logic while minimizing false positives & false negatives
• Participates in detection logic discussions and the research of new methods for detection
• Interfaces with stakeholders on externalizing the outcomes of some of the research
• Helps / trains other researchers, when needed
• Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
• Develop detection scripts for Tenable’s sensors (Nessus vulnerability scanner and others) based on the research findings
• Research and develop methods of detection for additional services and products from different vendors

• May perform other duties and responsibilities that management may deem necessary from time to time

What You'll Need:

• B.S. degree in Computer Science or a related field, or equivalent work experience
• At least 5 years of R&D experience
• In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
• In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Some prior experience performing open-ended research when given high-level requirements and details of the desired output
• Experience with pen-testing, researching, discovering, or publishing vulnerabilities
• Reverse engineering experience including basic binary analysis, packet capture analysis, and firmware analysis (using binwalk). Prior experience with debuggers, disassemblers or decompilers (e.g. IDA Pro, Immunity Debugger, gdb)
• Experience with C or C++, Assembly (x86/x64 and/or ARM/ARM64) and / or scripting languages
• One or more security related certifications (e.g. OSCP)
• At least a years’ experience with Nessus Sensor and working with the NASL language
• An understanding of NASL coding standards
• Prior experience performing open-ended research when given high-level requirements and details of the desired output
• Some experience with reviewing code and providing feedback
• Experience with understanding and implementing RFC standards and protocols.
• Experience with Python programming language
• Experience with systems administration and be comfortable working at the command line
• In depth understanding of common security vulnerabilities, CVSS scoring, vulnerability classification, detection and exploitation techniques
• In-depth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Some prior experience performing open-ended research when given high-level requirements and details of the desired output
• Some exposure to security standards such as NIST 800-53, CIS, or DISA STIGS
• In-depth protocol analysis and interaction. Solid knowledge of common protocols such as HTTP, DNS, SSH, SMB, etc. and fuzzing
• Experience with crash dump analysis and exploit development
• Experience writing blogs and whitepapers to showcase research as well as presenting at security conferences

• Ability to sit and work at a computer for extended periods of time
• Some travel may be required