Senior Security Researcher - Risk

Who is Tenable?

Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!

What makes Tenable such a great place to work?

Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!

Your Role

Tenable Cloud Security is seeking a Senior Security Researcher - Risk Researcher to join our highly technical product research team working at the core of our cloud security platform. This is a rare opportunity to join an elite cloud security research team and do work that directly shapes our product. In this role, you will define how cloud risk is understood and modeled, lead the development of novel risk logic and scoring methodologies, and translate complex attack paths into meaningful insights for customers.

You will conduct deep technical research across cloud environments to uncover new attack vectors, analyze real-world exploitation paths, and contribute to building a unified view of risk across identity, infrastructure, and data layers. Your work will directly influence how we prioritize risk, reduce noise, and establish a clear “ground truth” for what truly matters in cloud security.

We are looking for an exceptional, adversary-focused researcher who can bridge cloud security knowledge, threat modeling, and data-driven risk analysis. You are curious, comfortable with ambiguity, and driven to deeply understand how attackers operate in modern cloud environments.

Your Opportunity

• Own Risk Across Tenable’s Cloud Security Platform: Define cloud risk by grounding findings in how exposure is actually created and exploited. Collaborate with engineering and product teams to introduce new data sources and signals that validate exposure. Establish a rigorous validation framework for risk logic to minimize noise and ensure high-fidelity alerts. Define the 'Ground Truth' for what constitutes a critical risk versus a theoretical vulnerability.
• Lead Novel Toxic Combination Logic: Conduct deep technical research to discover novel risks and attack vectors across identity, network, workload, and third-party data to produce attack paths. Work with teams across Tenable to develop and refine the quantitative scoring models that aggregate disparate signals (e.g., CVSS, EPSS, identity permissions) into a unified risk score.
• Lead Complex Discovery: Build resource, identity, and permission relationships to improve our asset inventory and relationship modeling. Understand customers requirements and ensure deliverables address real needs.
• Conduct Cloud Threat Modeling: Analyze services and architectures from an attacker’s perspective to define trust boundaries and data flows, and ensure the product covers newly identified attack paths. Present findings in blogs, reports, and leading industry conferences.
• Research Emerging Cloud Services: Evaluate new cloud services to establish secure configuration and architectural best practices where no prior guidance exists, and partner with PMs to deliver them through the platform.
• Shape Cloud Security Strategy: Provide a broad technical view across cloud domains to identify strategic gaps and drive product direction and features.
  
  

• 5+ years of hands-on experience in security research.
• Deep understanding of attacker mindset, tradecraft, and real-world exploitation techniques. , with a strong focus on exploitation and adversary-driven analysis.
• Strong technical background in cloud platforms (AWS, Azure, GCP), including how attackers operate within cloud environments.
• Proven experience designing, building, or validating detection logic.
• Highly curious, self-driven, and comfortable working in ambiguous, fast-evolving problem spaces.
• Strong communication skills, both written and verbal, with the ability to clearly articulate complex technical findings.
  
  

• Experience designing or investigating cloud attack paths and complex “toxic combinations” across services and identities.
• Background in offensive security, penetration testing, or red teaming.
• Experience with detection languages or frameworks (Rego, Sigma, YARA or similar).
• Track record of published research, conference talks, or technical blog posts.
• Experience working with product teams and delivering value to customers through the product.