We're looking for an Application Security Researcher to join us. In this critical role, you will assist us in validating our services and environments according to the highest security standards. Also, You will work closely with our R&D and Product teams, and solve complex security problems.
Responsibilities:
Continuously checking and improving security measures to protect our systems.
Reviewing system architecture, design, and code to find and fix security weaknesses before they become a problem.
Helping developers follow secure coding practices and learn how to prevent security risks.
Staying updated on new security threats and best practices to keep our security standards high.
Contributing to our companys security research blog.

We are seeking a Senior Security Researcher - AI Security to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to define a new discipline. AI security is an emerging field with few established playbooks, and you will help write them. In this role, you will own the research direction for AI security across Tenable's platform, uncovering novel risks in AI-native systems and translating that knowledge into product capabilities and industry-leading research. You'll be surrounded by experienced researchers and engineers who live and breathe security, with the space and backing to do original work in a domain that is rapidly evolving.
We're looking for an exceptional security researcher who can navigate ambiguity, think like an attacker, and bring clarity to a space that lacks it. You're curious, technically deep, and energized by the challenge of defining risk in systems that are still being understood.

Your Role:

Be at the forefront of an emerging discipline. Conduct technical analysis of AI frameworks, services, and architectures to discover novel risks, vulnerabilities, and attack vectors before they become industry-wide problems .
Define AI security risk by analyzing how exposure is created and exploited in AI systems. Collaborate with engineering and product teams to translate AI research into product findings.
Evaluate the risk of pre-trained models, vector databases, and orchestration frameworks (e.g., LangChain, LlamaIndex) to define how shadow AI creates organizational exposure.
Author blogs, whitepapers, and technical advisories that set the industry narrative. Present original research at leading conferences and serve as Tenable's external voice on AI risk topics.
Analyze AI systems from an attacker's perspective to define trust boundaries, map attack techniques, and identify exploitable paths. Translate findings into product features and outbound research.
Investigate and analyze AI infrastructures and services to find 0-day vulnerabilities, security holes, weaknesses, and design flaws.

We are looking for a Security Researcher who thrives on both sides of the fence. You will develop offensive tradecraft-discovering new attack vectors and writing exploits-then use that perspective to engineer robust, product-level mitigations. If youre energized by finding a novel browser attack on Monday and shipping the defense for it by Friday, this role is for you.
Key Responsibilities
Offensive Research: Discover new attack vectors, abuse patterns, and security gaps in browsers, web applications, OS internals, and enterprise workflows.
Defensive Engineering: Design and implement detections, mitigations, and security policies informed by your offensive findings; close the loop from attack to protection.
Vulnerability & Malware Analysis: Perform reverse engineering on malware, exploits, and obfuscated code across Windows, macOS, and browser environments.
Web & Browser Security: Research techniques ranging from classic vulnerabilities (XSS, SSRF) to browser-specific primitives (extension abuse, DOM manipulation, same-origin bypasses).
Supply-Chain Security: Investigate threats in software supply chains, including browser extension marketplaces and package registries.
Threat Intelligence: Correlate signals across multiple sources to identify malicious infrastructure and adversary TTPs.
Public Impact: Write technical blog posts, publish research, and represent Island at major security conferences (Black Hat, DEF CON, etc.).

The Cloud Research team is an integral part of the Falcon Cloud Security product, tasked with the critical mission of safeguarding cloud environments through innovative detection and response capabilities. This team is works in unison to ensure our customers cloud environments are secure against the ever-changing threats in the security landscape.

As a senior researcher on the team, you will play a pivotal role in conducting security research, and translating it directly into security value for our customers.

This role provides a unique opportunity to join a team with strategic importance for protecting our customers from emerging threats and novel attack methodologies in cloud environments.

You will also get to work with vast datasets, have a direct impact on the efficacy and evolution of our detections, and play a decisive role in the strategic direction of our product development. Your contributions will enable continuous improvement of our cloud detection capabilities ensuring our customers are secured with the most advanced security measures.

What You'll Do:

Initiate and conduct Cloud Research Initiatives: follow the threat landscape to identify trends in the realm of cloud infrastructure security, threat actors, novel attack approaches, and vulnerabilities in cloud-based and/or cloud-native environments and workloads.

Research threats and vulnerabilities in cloud provider infrastructure and containerized applications and workloads.

Develop advanced cloud security models: Create sophisticated models and frameworks for identifying and mitigating new types of cloud threats, focusing on predictive analytics and proactive threat hunting methodologies.

Collaborate with cross-functional teams: Work closely with various teams, including engineering, product management, detection engineering, and threat intelligence to drive cloud detections in the Falcon platform.

Provide cloud security thought leadership: Share insights and best practices with the broader security community through publications, conference presentations, and technical blogs.

Were looking for Principal Cloud Security Researcher with a strong security background to join our innovative Research team.
The Role
We're looking for a Principal Cloud Security Researcher to serve as a senior technical leader within our Research team. This is a high-impact individual contributor role -- you won't manage people, but you'll shape the direction of our entire research function, mentor researchers, and act as a force multiplier across the organization.
You'll be the person who takes a vague threat signal and turns it into a detection strategy, a published finding, or a product capability. You'll operate as a trusted deputy to the research team lead, owning the most complex and ambiguous research challenges while raising the technical bar for the team.
What You'll Do
Drive Groundbreaking Research
Own and drive our most critical research initiatives end-to-end - from initial threat hypothesis through detection logic, product integration, and external publication.
Set the technical direction for cloud threat research across AWS, Azure, and GCP, identifying emerging attack surfaces and novel techniques before they become mainstream threats.
Investigate real-world cloud and SaaS security incidents, dissecting attacker tradecraft and extracting insights that evolve our detection capabilities.
Pioneer new forensic investigation techniques and detection methodologies for cloud-native and SaaS environments - pushing the state of the art, not just following it.
Be a Voice in the Community
Represent our company as a thought leader through high-quality research publications, conference presentations (BlackHat, DEF CON, RSA, fwd:cloudsec, and similar venues), and open-source contributions.
Build and maintain our reputation as a research-driven company that advances the field - not just a vendor with a blog.
Engage with the broader security research community, fostering relationships and collaborative knowledge-sharing.
Shape the Product
Bridge research and product - translate threat findings into actionable product requirements, working closely with engineering and product teams to ensure our CDR platform stays ahead of evolving threats.
Design and develop advanced detection algorithms that directly feed into our platform, closing the gap between research insight and customer protection.
Elevate the Team
Act as the team's go-to technical authority. When researchers hit a wall on complex cloud attack chains, IAM edge cases, or detection gaps - you're who they turn to.
Mentor and grow other researchers through research reviews, pair investigations, code reviews, and by setting quality standards and methodology best practices.
Influence technical decisions org-wide - contributing to architecture, tooling, and strategic research priorities.
Step in as the research team lead's deputy when needed - driving prioritization, representing research cross-functionally, and ensuring continuity.

Required Security Researcher
The Dream Job
We are on an expedition to find you, someone who is passionate about creating intuitive, out-of-this-world security research. You'll help us harness the power of our trillions of security signals to rapidly diagnose and alert the latest attacker behaviors, drive critical context-rich signals, construct new tools and automations to support customers, identify threats, and detect advanced attacker techniques.
The Dream-Maker Responsibilities
Analyze various network devices, configurations and security products
Implement methods and algorithms to discover network topology, relationships between devices and potential lateral movement paths
Conduct network security assessments to identify weaknesses in customers network infrastructure, and recommend mitigations to monitor and limit unauthorized access
Develop research tools and frameworks to perform automatic analysis of network devices and security products
Research and analyze network-related cybersecurity threats and trends
Work closely with other internal engineering and AI teams to integrate new capabilities into our platform and guide cross-product architectural decisions
Act as a security subject matter expert for multidisciplinary teams.

we are seeking a highly motivated and talented XDR Research Engineer to join our XDR Research team. In this role, you will develop advanced detection logic to identify and analyze security threats across the company XDR platform. Leveraging the rich data available in the company Cloud data lake, you will conduct extensive research and threat-hunting activities to broaden our detection capabilities and proactively uncover previously unknown threats.
Your work will directly influence the evolution of our companys XDR capabilities and strengthen the security posture of thousands of global customers.
This is an exceptional opportunity for security professionals passionate about Network Security, Detection Engineering, Malware Analysis, and Threat Hunting who want to make a meaningful impact on a fast-growing cybersecurity environment.
Responsibilities
Develop advanced detection logic for the XDR platform to identify security threats.
Conduct research using our company Cloud data, competitive intelligence, and newly published threat reports to expand detection coverage.
Create hunting heuristics and methodologies to uncover unknown or emerging threats.
Continuously improve detection accuracy and enhance the platforms ability to identify threats in a dynamic security landscape.
Participate in cybersecurity breach investigations and security incident activities.
Contribute to technical blogs and PR materials, and participate in cybersecurity conferences.

As the Code & AI Security Research Manager, you will lead an elite team in redefining trust for an era of agentic automation and hyper-connected supply chains. You will serve as a technical lighthouse and strategic leader, managing a high-performance team to secure the core of modern engineering. Your mission is to bridge deep technical research with product innovation, ensuring our customers' security posture evolves faster than the way they build software.
Key Responsibilities
Lead, mentor, and empower a team of world-class security researchers to pioneer AI-native security strategies.
Define the vision for identifying and mitigating novel attack vectors targeting coding agents and autonomous development workflows.
Oversee the evolution of traditional code vulnerabilities into proactive, self-healing workflows that fix issues before they reach a pull request.
Drive deep-dive research into software supply chain vulnerabilities, including CI/CD pipeline risks and third-party package security.
Proactively collaborate with Product and Engineering leaders to integrate research findings into core platform detection and remediation logic.
Establish the team as a global thought leader by overseeing original research publications, influential blog posts, and conference presentations.

Were looking for a top-notch Threat Detection Researcher to join our team and spread the power of our company. In this role, you will further develop the company Runtime Sensor as part of our threat research team.
WHAT YOULL DO
Develop detections and tools to protect customers from cloud threats
Investigate attacks on cloud environments and malware targeting cloud workloads
Hunt and analyze real-world attacks and emerging cloud threats
Collaborate closely with the R&D team to transform research insights into product features
Work with customers in response to requests related to suspicious activity or potential incidents
Create best practices and security policies based on research findings
Deliver external-facing content (blog posts and talks at security conferences) based on security insights and novel research.