Staff Vulnerability Researcher, Cloud Security

About Tenable

Tenable® is the Exposure Management company, with 44,000 organizations globally relying on us to understand and reduce cyber risk. Our global workforce supports a significant portion of the Fortune 500, Global 2000, and large government agencies. Join our innovative team!

Why Tenable is a Great Place to Work

Our people are our greatest asset. We collaborate to build best-in-class cybersecurity solutions for our customers, fostering a culture of belonging, respect, and excellence. As part of our #OneTenable team, you’ll work with talented and passionate individuals, receiving the support and resources needed to do impactful work. We achieve results and celebrate success together!

Tenable Cloud Security was formed through the acquisition of Ermetic, a leading cloud-native application protection platform (CNAPP) and CIEM provider. This move significantly advances Tenable’s mission to enable proactive security, offering market-leading contextual risk visibility, prioritization, and remediation across both on-premises and cloud infrastructures.

Your Opportunity as a Staff Vulnerability Researcher, Cloud Security

Tenable Cloud Security is seeking a Staff Vulnerability Researcher. In this role, you will investigate various cloud assets, roles, relations, and configurations to discover 0-day vulnerabilities in major cloud providers and technologies. You will drive innovation, tackle complex challenges, and develop strategies for both offensive and defensive cloud security. Furthermore, you will be instrumental in expanding Tenable Cloud Security’s technical expertise. This includes presenting your original research at conferences, authoring papers and blogs, and developing open-source cloud security tools and solutions.

If you possess a curious, creative, and technical mindset, coupled with an attacker’s perspective, strong systemic thinking, and a passion for deep technical analysis, we encourage you to apply.

Key Responsibilities

• Investigate and analyze the multi-cloud stack to identify 0-day vulnerabilities, security holes, weaknesses, and design flaws.
• Monitor emerging security threats, author blogs on novel research, publish content, and speak at industry conferences.
• Conduct in-depth technical research on cloud platforms to generate new insights, theories, analyses, and TTPs (Tactics, Techniques, and Procedures).
• Serve as a technical leader and key contributor for a research team focused on exploring emerging cloud technologies and services.

What We’re Looking For

• 7+ years of experience in cybersecurity research, vulnerability research, or offensive security.
• Proven track record of finding vulnerabilities and publishing research findings.
• Experience with and strong knowledge of high-level systems, web applications, and application security.
• Experience with and knowledge of cloud environment architecture (AWS, Azure, GCP).
• Highly motivated, excellent self-learner, curious, responsible, and independent.
• Strong communication skills – both written and verbal.

Ideally, You’ll Also Have

• Previous experience presenting your work at industry conferences.
• Experience with Kubernetes and container technology.
• Solid programming skills in at least one language (C, C++, Python, GO, Rust).
• B.Sc. or higher in Computer Science, Software Engineering, Mathematics, or an equivalent professional background.
• Experience with data/security analysis.

Equal Employment Opportunity

Tenable is committed to promoting Equal Employment Opportunity (EEO) through all applicable international, federal, state, and local laws and regulations. If you require a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for assistance.

Key Skills/Competency

• Vulnerability Research
• Cloud Security
• Offensive Security
• AWS
• Azure
• GCP
• 0-day Exploitation
• System Architecture
• Application Security
• Cybersecurity Threat Intelligence