Senior Security Research Scientist
Conducts internet-wide security research using scan data to identify trends, vulnerabilities, and threats. Analyzes large datasets with tools like BigQuery and Snowflake, partners with engineering teams, and shares insights publicly. Requires deep knowledge of internet protocols.
What you’ll do:
- Conduct Internet measurement research using Censys’ Internet-wide scan data; identify and analyze Internet-wide trends with a focus on findings with interesting security implications.
- Partner with Research and Product to deliver new security prototypes to customers as well as to guide where we should develop new products.
- Inspect, mine, transform, and analyze large datasets to identify patterns and trends to further support engineering efforts such as predictive modeling of scan targets, software and hardware identification, vulnerability detection, threat actor identification, and more.
- Work closely with multiple engineering teams to help inform technical decision making in regards to providing better coverage, context, and insights.
- Assist in data classification and dataset interrogation using techniques such as entity and identity resolution, cluster, data gap analysis, and others.
- As needed, serve as a public face for Censys by sharing knowledge and expertise around how Internet-wide security trends impact our customers across the public and private sectors, as well as the broader global security community
- Other duties as assigned
What you bring:
- Thorough understanding of Internet protocols and technologies, not just how they’re used but how they work. This includes fundamentals such as TCP/IP, HTTP, TLS, etc.
- High proficiency in using analytical databases and warehouse such as Google BigQuery, Snowflake, etc. to interrogate large datasets.
- Ability to conceive, execute, and derive actionable insights from measurements that involve Internet-wide scanning and data collection by using infrastructure to conduct experiments.
- Have strong communication skills and can explain complex technical concepts to other engineers, designers, and product managers.
Bonus Points:
- Familiarity and comfort working in a Linux based environment.
- Basic understanding of design and implementation of fault-tolerant distributed systems.
- Collaborate and communicate well with other engineers working on related systems.
- Enjoy technical architecture discussions and want to help drive technical decision making within the team.
- Continually improve skills, technical approaches, and familiarity with new technologies to help contribute to the success of the team.
Compensation:
For high cost of living areas (San Francisco Bay, New York City, and Seattle), the expected salary range for this position is $180,000 USD - $212,000 USD, plus bonus eligibility and equity.
For other US locations, the expected salary range for this position is $153,000 USD - $180,000 USD, plus bonus eligibility and equity.
Senior Privacy Engineer
Lead privacy engineering projects protecting user data across search, browser, and AI features. Own major privacy components, participate in audits, and mentor engineers using Go, Node.js, Python, or Perl.
Product Security Engineer
Product Security Engineer embedding into engineering workflows to conduct architecture reviews, threat modeling, and penetration testing coordination while serving as GCP security SME. Requires 5-7 years experience and strong GCP and Python skills.
Senior Security Engineer, GRC
Senior GRC engineer owning customer security questionnaires, compliance automation, risk assessments, and policy management across SOC 2, ISO 27001, and HIPAA. Requires 8+ years experience, scripting skills, and strong customer-facing communication.
Director, Product Security Engineering
Lead product security initiatives by embedding security into the SDLC, performing threat modeling, building security tooling, and mentoring teams. Requires 8-10+ years of product security experience and deep expertise in cloud, application, and mobile security.