Detection Development Engineer

Censys knows the internet and cloud better than anyone else. Attack Surface Management provides customers with an attacker-centric view of all externally facing internet and cloud to extend visibility, prioritize, and remediate the most critical risk exposures that will actually lead to a breach. Our daily IPv4 scans and the world’s largest SSL/TLS Certificate database enable customers with the most accurate and continuously updated attack surfaces. Enterprise security teams leverage Censys to keep pace with the speed of the business and gain an advantage over the rapidly evolving cyber-attack threats.

Role Summary

Censys is looking for a Detection Engineer, Security Research Engineer, or Software Engineer to join our engineering team. You’ll be focused on increasing our risk and threat detection coverage and vulnerability database by seeking out and fingerprinting software, vulnerabilities, and emerging threats. You will also help conduct reconnaissance to help expand our capabilities to capture, monitor, and properly identify Internet resources. You will work directly with our scanning team to provide guidance on building and scaling the tools, active scanning infrastructure, and frameworks used to provide software coverage, risks, and threats in our Internet Intelligence Platform. 

What you'll do

• Research and develop custom fingerprints against Censys scan data to further enrich and contextualize services and infrastructure running on the Internet.
• Consult with the Scanning Team for implementing possible changes to scanning targets, payloads, and collection of data to further increase the fidelity and accuracy of identification of software and hardware versions and models.
• Coordinate with our Rapid Response team to facilitate researching and fingerprinting of emerging vulnerabilities and threats.

Qualifications

• Bachelor's degree in Computer Science, Data Science, Engineering, or other technical discipline (or equivalent professional experience).
• 1+ years of experience in security research/systems security/network security or a similar field.
• Experience with protocol analysis and in-depth knowledge of common protocols such as TLS, HTTP, SSH, SMB, SMTP.High-level understanding of common network security vulnerabilities, CVSS scoring and exploit techniques.
• Experience exploring active scan data using tools such as Censys Search, Shodan, or similar; and/or experience with data analysis tools such as Google BigQuery.
• Proficient with regular expressions and other pattern-matching expressions.
• Ability to concisely communicate complex subject matter to technical and non-technical audiences.
• Ability to work independently as a researcher while being part of a larger cross-functional team.

Our target salary range for this role is between $147,000 USD and $180,000 USD + bonus eligibility and equity.

Our roots are in Ann Arbor, Michigan with location hubs in Seattle, the Bay Area, Washington D.C., and Dublin, Ireland. Our innovation is fueled by the team’s global perspectives and diverse backgrounds. 

Don't meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they feel they meet every qualification. At Censys we are dedicated to building a diverse, inclusive, and authentic workplace - so if you're excited about this role but your past experience doesn't align perfectly with every listed requirement in the job description, we encourage you to apply anyways. You may be exactly who we need to fill this role or others! 

We value diversity and are committed to creating an inclusive environment for all employees. Censys is an equal opportunity employer.