Research Engineer - Cloud Security

Research Remote, United States


Your Role:

Tenable is not only building great products and carving out a completely new category, but we are also building a world-class engineering culture, and committed to hiring the very best. We are seeking a Research Engineer  to join our Product Research Engineering team, focusing on developing proofs of concept that improve our product’s scanning capability . This is a highly technical, hands-on role in a technically stimulating and fast-paced environment! 

You will be working with various teams within Tenable, to build a first-of-its-kind platform that enables self-healing cloud native infrastructure by codifying security throughout the development lifecycle.

The ideal candidate is someone with a proven track record, sound technical knowledge and skills in developing enterprise products.

Your Opportunity:

  • Contribute directly to the build  secure solution to protect cloud native environments using policy as code (OPA REGO).
  • Collaborate with your team to define cloud native infrastructure guardrails.
  • Carry out research and come up with proofs of concepts that improve the scanning capability of Tenable’s Accurics product.
  • Curate (cloud security configuration) out of the box advisory databases. This is a semi-automatic task that includes reviewing, editing existing and adding new policies to the database while, at the same time, trying to automate repetitive tasks away as much as possible.
  • Build, develop and segregate policies to match relevant industry benchmarks (CIS, ISO, PCI, HIPPA)  to improve the automation of compliance of cloud environments.
  • Measure and Improve the efficacy of cloud security scanning and detection products over time.
  • Conduct code review of REGO (Policies) and Go backend code.
  • Build/develop/improve our solutions in the area of IaC and runtime cloud misconfigurations.
  • Assess Accurics  product output results and conduct root cause analysis to improve efficacy.
  • Respond to internal and external customer inquiries on cloud misconfigurations and related topics.

What You’ll Need:

  • Bachelor’s or Master’s in Information Technology, Computer Science, or related ( or able to showcase good understanding of IT concept).
  • Experience codifying solutions in any programming language - we use a lot of Python and Go.
  • Knowledge of foundational information security concepts.
  • Knowledge of the GIT workflow.
  • Knowledge of services offered by any one of the major cloud providers (AWS, Azure, GCP).
  • You have a passion for security and open source.
  • You are a team player, and enjoy collaborating with cross-functional teams.
  • You are a great communicator (written and verbal).
  • You employ a flexible and constructive approach when solving problems.
  • You are curious and like to explore & experiment.
  • Ability to work independently in a remote setting.

And Ideally:

  • Knowledge of kubernetes is a plus but not essential.
  • Knowledge of Infrastructure as Code technologies is a plus.

If you’ve reached this point in the job description and feel you’re still not sure if you should apply…Just do it! We know there are no perfect applicants. You may not have 100% of all those bullets listed above - and that’s okay. If you’re feeling like you’re not going to fit in with our teams - that’s not ok. We're One Tenable which means however you identify and whatever background you bring with you, we encourage you to submit an application if it’s a role you can be passionate about doing every day.

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.