Senior Security Researcher - Cloud Threats

Who is Tenable?

Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!

What makes Tenable such a great place to work?

Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!

Your Opportunity

Tenable Cloud Security is seeking a Senior Security Researcher - Cloud Threats to join our highly technical product research team working at the core of our cloud security platform.

This is a rare opportunity to join an elite cloud security research team and do work that directly shapes our product. In this role, you will own the research direction for our Cloud Detection and Response (CDR) capabilities, designing detection strategies across agentless and agent-based telemetry, expanding coverage across cloud attack surfaces, and developing prioritization mechanisms that help customers focus on what matters.

You will perform novel security research to uncover attacker behavior, develop detection methodologies, and apply detection-as-code principles to build production-grade detections. Beyond product work, you'll contribute to Tenable's external thought leadership, writing and speaking about cloud threats, adversary tradecraft, and detection methodologies.

We're looking for an exceptional, adversary-focused security researcher who can bridge threat intelligence, cloud security knowledge, and detection engineering. You're curious, comfortable with ambiguity, and driven to understand how attackers operate in cloud environments.

Your Role

• Own the research direction for Cloud Detection and Response (CDR), driving the vision for how we detect and respond to cloud threats.
• Design detection strategies across agentless and agent-based telemetry sources, focusing on quality and detecting what matters.
• Perform novel security research to uncover attacker tradecraft, techniques, and behaviors in cloud environments, informing both product direction and external research.
• Apply detection-as-code principles to build production-grade detections that ship directly in the Tenable Cloud Security platform.
• Stay current with emerging cloud threats and translate threat intelligence into actionable detection logic and product capabilities.
• Write and speak about cloud threats, adversary tradecraft, and detection methodologies to strengthen Tenable's voice in cloud security.
  
  

• 5+ years of experience in threat research, cloud security research, or detection engineering
• Strong understanding of attacker behavior, tradecraft, and threat intelligence
• Solid technical understanding of cloud platforms (AWS, Azure, GCP), how attackers operate in them, and cloud-native telemetry
• Experience building or designing security detections, with familiarity in detection-as-code principles
• Highly motivated, curious, and able to work independently in ambiguous problem spaces
• Strong communication skills, written and verbal, with the ability to articulate technical findings and opinions clearly
  
  

• Experience with detection languages or frameworks (YARA, Sigma, Rego, or similar)
• Background in malware research, offensive security, or incident response
• Track record of published threat research, conference talks, or technical blog posts