Product Detection Engineer

Company Background Censys’ mission is to be the one place to understand everything on the internet. Frustrated by the lack of trustworthy Internet intelligence, we set out to create the industry’s most comprehensive, accurate, and up-to-date map of the Internet. Today, Censys delivers real-time Internet intelligence and actionable threat insights to global governments, over 50% of the Fortune 500, and leading threat intelligence providers worldwide. Location: This position is remote within the United States. Role Summary Censys is looking for a Product Detection Engineer to join our Detection and Response team within our Research organization. This is not a typical corporate detection engineer role. This role will work within the Censys dataset to fingerprint hardware, software, and services in the Censys Internet Intelligence Platform, as well as to develop detections for misconfigurations and vulnerabilities. In a number of cases, the detection engineer will work with members of our research team to identify adversary infrastructure, discover anomalies, interpret patterns and limitations of our rules engine, etc. What you'll do: Develop custom fingerprints against Censys scan data to enrich, contextualize, and uncover risks in services and infrastructure running on the Internet. Consult with the Data engineering team to implement improvements to our scanning infrastructure (e.g., identify changes to scanning targets, payloads, and collection of data) to increase the fidelity and accuracy of identification of software and hardware versions and models. Coordinate with our Go-to-Market and Sales teams to facilitate researching and fingerprinting of emerging vulnerabilities, threats, and high-priority detections. Participate in on-call rotations to ensure 24x7 coverage of hi-impact, critical security vulnerabilities. Qualifications: Bachelor's degree in Computer Science, Data Science, Engineering, or other technical discipline (or equivalent professional experience). 2+ years of experience in security research/systems security/network security or a similar field. Experience with protocol analysis and in-depth knowledge of common protocols such as TLS, HTTP, SSH, SMB, SMTP. High-level understanding of common network security vulnerabilities, CVSS scoring and exploit techniques. Experience exploring active scan data using tools such as Censys Search, Shodan, or similar; and/or experience with data analysis tools such as Google BigQuery. Proficient with regular expressions and other pattern-matching expressions. Experience in at least one scripting/programming language with a preference for Go and Python. Ability to concisely communicate complex subject matter to technical and non-technical audiences. Ability to work independently as a researcher while being part of a larger cross-functional team. For high cost of living areas (Seattle, San Francisco Bay Area, and NYC Metro), the expected salary range for this position is $173,000 - $193,000 USD, plus bonus eligibility and equity. For all other US locations, the expected salary range for this position is $151,000 - $179,000 USD, plus bonus eligibility and equity. Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 83% and 100% of range. Please discuss your specific work location with your recruiter for more information. Censys offers a competitive benefits package to employees, including equity, health, dental vision coverage, retirement with company contribution, parental leave, mental health we ... (truncated, view full listing at source)