Staff Research Engineer - CC Assembly Reverse Eng

Who is Tenable

Tenable is the Exposure Management company. 44000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500 45 percent of the Global 2000 and large government agencies. Come be part of our journey!

What makes Tenable such a great place to work

Ask a member of our team and theyll answer Our people! We work together to build and innovate bestinclass cybersecurity solutions for our customers; all while creating a culture of belonging respect and excellence where we can be our best selves. When youre part of our #OneTenable team you can expect to partner with some of the most talented and passionate people in the industry and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!

Your Role:
Tenable is looking for a Staff Research Engineer to join our security research team. This position will involve leading the research of disclosed vulnerabilities looking for new vulnerabilities developing advanced checks/plugins to detect these vulnerabilities via our products and leading crossteam collaborative strategic initiatives across Tenable. The role would involve significant interfacing with stakeholders within and outside of Tenable while being highly technical in nature.
Your Opportunity:

• Leads complex research and development initiatives across Tenable and the industry
• Expertly implements advanced detection logic while minimizing false positives & false negatives and considering the economics of each alternative
• Leads/drives detection logic discussions and the research of new methods for detection thereby creating long term intellectual property for Tenable
• Interfaces with internal and external stakeholders on externalizing the outcomes of the research
• Participates in architecture & engine/sensor roadmap/planning discussion
• Mentors team members and helps other researchers & engineers when needed

What Youll Need:

• Ability to work independently as a researcher as well as part of a team leading the effort on most projects while also being an active member of the team on other initiatives
• Keep abreast with the advancements and developments in the security industry and perform original research to keep our customers secure
• Develop advanced detection scripts for Tenables sensors (Nessus vulnerability scanner and others) based on the research findings
• Research and develop methods of detection for additional services and products from different vendors
• Demonstrably strong programming and scripting skills in three or more languages
• Significant experience in showcasing original research externally via blogs whitepapers conference presentations PR interviews etc.
• Ability to work independently as a researcher as well as part of a larger team.
• Is an expert in at least 3 platforms (Windows MacOS Linux HPUX etc. and has consistently showcased diversity of research in 4 or more software types (host network cloud OT IoT mobile etc.
• Is recognized by peers as someone with stellar communication skills
• Adaptable and able to shift priorities among initiatives as needed
• Obsessed with quality & accuracy
• Strong team player
• Ability to take calculated risks when dealing with limited requirements
• Initiative and drive to explore and learn continually
• Significant experience working with enterprise customers
• Degree in Computer Science or a related field or equivalent work experience
• At least 10 years of R&D experience
• In depth understanding of common security vulnerabilities CVSS scoring vulnerability classification detection and exploitation techniques.
• Indepth protocol analysis and interaction. Expert level knowledge of common protocols such as HTTP DNS SSH SMB etc. and fuzzing
• Prior experience leading and performing openended security research when given highlevel requirements and details of the desired outcome
• Experience with pentesting researching discovering or publishing vulnerabilities
• Solid reverse engineering experience including binary analysis packet capture analysis and firmware analysis (using binwalk). Prior experience with debuggers disassemblers or decompilers (e.g. IDA Pro Immunity Debugger gdb)
• Prior experience working with external vendors on coordinated vulnerability disclosures creating security advisories etc.
• Experience with C or C Assembly (x86/x64 and/or ARM/ARM64 and scripting languages
• One or more security related certifications (e.g. OSCP)
• Experience with systems administration and be comfortable working at the command line

#LIHybrid

#LILP1

Were committed to promoting Equal Employment Opportunity (EEO) at Tenable through all equal employment opportunity laws and regulations at the international federal state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process please contact for further assistance.

Tenable Data Consent Statement

Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us in accordance with the General Data Protection Regulation (GDPR). Please click here to review.

For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.