Manager, Detection & Response

Location: 

This position is remote within the United States. 

Role Summary

Censys is looking for a Manager of Product Detection & Response to join our Research and Threat Analysis team to drive both strategy and vision as well as be hands on keyboard with their engineers. This is not a typical corporate detection and response role. This role will lead the effort within Censys to fingerprint software and services in the Censys Internet Intelligence Platform - like a SIEM for Censys scan data. In this leadership role, you will have to work with members of our Research, Data Engineering, and Product teams to figure out how we can label C2 at scale, discover anomalies across infrastructure, interpret patterns and limitations of our rules engine, and operate as an authority on our detection capabilities. 

What you'll do:

• In this role you will serve as the cornerstone of Censys’ effort to build the most comprehensive understanding of the Internet. You will lead a team and our strategy to tactically fingerprint software and devices that are susceptible to attack via configuration errors and vulnerabilities as well as roadmap future efforts in active vulnerability testing.
• Research and develop custom fingerprints against Censys scan data to further enrich and contextualize services and infrastructure running on the Internet.
• Consult with the Data engineering team for implementing possible changes to scanning targets, payloads, and collection of data to further increase the fidelity and accuracy of identification of software and hardware versions and models.
• Coordinate with our Go-to-Market and Sales teams to facilitate researching and fingerprinting of emerging vulnerabilities, threats, and high-priority detections.
• Participate in on-call rotations to ensure 24x7 coverage of hi-impact, critical security vulnerabilities

Qualifications:

• Bachelor's degree in Computer Science, Data Science, Engineering, or other technical discipline (or equivalent professional experience).
• 7+ years of experience in security research/systems security/network security or a similar field.
• 2+ years leading a security engineering function
• Previous experience in Application Security, Penetration Testing, and/or Red Team is preferred.
• Active vulnerability testing experience with frameworks like Nuclei; exploit development experience
• Experience with protocol analysis and in-depth knowledge of common protocols such as TLS, HTTP, SSH, SMB, SMTP
• High-level understanding of common network security vulnerabilities, CVSS scoring and exploit techniques.
• Experience exploring active scan data using tools such as Censys Search, Shodan, or similar; and/or experience with data analysis tools such as Google BigQuery.
• Proficient with regular expressions and other pattern-matching expressions.
• Experience in at least one scripting/programming language with a preference for Go and Python.
• Ability to concisely communicate complex subject matter to technical and non-technical audiences.
• Ability to work independently as a researcher while being part of a larger cross-functional team.
• Operational experience within a Product driven environment that should include GTM involvement

For high cost of living areas, the expected salary range for this position is $172,000 - $205,000 

For all other locations, the expected salary range for this position is $140,000 - $167,000. 

In addition to our great compensation package, our benefits are effective on day one and include but are not limited to: 401k match, health, vision, dental, and more! Please see our careers page for more details.

Our roots are in Ann Arbor, Michigan and our innovation is fueled by the team’s global perspectives. For this role, we are open to remote employees across the continental US.

We value diversity and are committed to creating an inclusive environment for all employees. Censys is an equal opportunity employer.