URL

http://www.tenable.com

Headquarters

United States

Twitter

tenablesecurity

Facebook

TenableCareers

Company's Other Jobs

Click to view

WARNING! This job is awaiting verification or has expired and may no longer be applicable
Category

Other

Posted

2014-12-16 20:37

Description

Tenable Network Security, founded in 2002, provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Our products are relied upon by more than 20,000 organizations, including the entire U.S. Department of Defense and many of the world’s largest companies and governments --- -- we call this a start!

Our global expansion is creating job opportunities for creative thinkers who are wired for action and delivering big results. We’re also stacked with industry rock stars who are just as comfortable keynoting a conference or delivering a podcast as they are mentoring up-and-coming colleagues. But what our employees are most excited about is our products. Our market-defining technology provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance.

Position Description:

The Vulnerability Research Engineer is part of the Research Department. Tenable maintains a staff of engineers who keep track of all new publicized vulnerabilities and then develop 'plugins' for the Nessus vulnerability scanner. These 'plugins' are short programs that efficiently and accurately test scanned systems for the presence of the vulnerability. Often, being able to accurately test for the vulnerability involves analyzing vendor-supplied security patches, manually configuring vulnerable targets in a virtual environment, analyzing the system or application to reliably understand the impact of the vulnerability then developing a method to test for the vulnerability remotely. For this particular position, we’re looking for an engineer to focus solely on Web Application Security plugins.

Key Responsibilities:

  • Keep track of the newest published vulnerabilities
  • Analyze vendor-supplied security patches
  • Reproduce the conditions to exploit a vulnerability
  • Develop plugins to be utilized by Nessus that will recognize the presence of the vulnerability remotely

Requirements:

  • 2-4 years of security research experience, reverse engineering experience a plus
  • Strong knowledge of web app security, e.g. SQL injection, XSS, XXE, etc.
  • Excellent knowledge of web applications, protocols, and vulnerabilities and can quickly figure out how to test for a vulnerability safely and reliably, whether by using a published exploit or diffing source code
  • Experience with several programming languages and frameworks
  • Familiarity with PHP, ASP.NET, Java as well as Apache Struts are huge pluses
  • Basic system administration skills
  • Bachelor's degree in CS (or related) or equivalent work experience.

Must be authorized to work for any employer in the United States.

It is the commitment of Tenable to promote Equal Employment Opportunity (EEO) through adherence to equal employment opportunity laws and regulations at federal, state, and local levels to which Tenable is subject.

Application Info

Please sign in with Google or GitHub to view this job's application information. This is necessary to prevent companies from receiving excessive amounts of spam.

Country

United States


Tramcar - Toronto-Waterloo Region Corridor Jobs