Product Detection Engineer

Censys’ mission is to be the one place to understand everything on the internet. Frustrated by the lack of trustworthy Internet intelligence, we set out to create the industry’s most comprehensive, accurate, and up-to-date map of the Internet. Today, Censys delivers real-time Internet intelligence and actionable threat insights to global governments, over 50% of the Fortune 500, and leading threat intelligence providers worldwide.

Location: This position is remote within the United States.

Censys is looking for a Product Detection Engineer to join our Research and Threat Analysis team. This is not a typical corporate detection engineer role. This role will work within the Censys dataset to primarily fingerprint software and services in the Censys Internet Intelligence Platform - like a SIEM for Censys scan data. In a number of cases, the detection engineer will have to work with members of our research team to figure out how we can label C2 at scale, discover anomalies across infrastructure, interpret patterns and limitations of our rules engine, etc.

This role will also be responsible for deploying "Risks" in our Attack Surface Management product - effectively an alert for our ASM customers to consume and action downstream. Additionally, you will work directly with our ASM and Data engineering teams to provide guidance on building and scaling the tooling and frameworks used to provide software coverage, risks, and threats across our offerings.

• Research and develop custom fingerprints against Censys scan data to further enrich and contextualize services and infrastructure running on the Internet.
• Consult with the Data engineering team for implementing possible changes to scanning targets, payloads, and collection of data to further increase the fidelity and accuracy of identification of software and hardware versions and models.
• Coordinate with our Go-to-Market and Sales teams to facilitate researching and fingerprinting of emerging vulnerabilities, threats, and high-priority detections.
• Participate in on-call rotations to ensure 24x7 coverage of hi-impact, critical security vulnerabilities

• Bachelor's degree in Computer Science, Data Science, Engineering, or other technical discipline (or equivalent professional experience).
• 5+ years of experience in security research/systems security/network security or a similar field.
• Experience with protocol analysis and in-depth knowledge of common protocols such as TLS, HTTP, SSH, SMB, SMTP
• High-level understanding of common network security vulnerabilities, CVSS scoring and exploit techniques.
• Experience exploring active scan data using tools such as Censys Search, Shodan, or similar; and/or experience with data analysis tools such as Google BigQuery.
• Proficient with regular expressions and other pattern-matching expressions.
• Experience in at least one scripting/programming language with a preference for Go and Python.
• Ability to concisely communicate complex subject matter to technical and non-technical audiences.
• Ability to work independently as a researcher while being part of a larger cross-functional team.

Salary ranges: For high cost of living areas, the expected salary range is $180,000 - $233,000. For all other locations, the expected salary range is $153,000 - $198,000.

In addition to our compensation package, benefits are effective on day one and include 401k match, health, vision, dental, and more. Please see our careers page for more details.

Our roots are in Ann Arbor, Michigan and our innovation is fueled by the team’s global perspectives. For this role, we are open to remote employees across the continental US.

We value diversity and are committed to creating an inclusive environment for all employees. Censys is an equal opportunity employer.

Voluntary self-identification information may be requested for government reporting purposes. Completion is voluntary and will not affect hiring decisions. Any information provided will be kept confidential. See our Equal Employment Opportunity policy for details.