NOTE: Kenna will not consider or accept resumes from external recruiters for this job posting. Kenna will not be responsible for any fees related to unsolicited resumes.

Kenna Security is revolutionizing cyber risk with a SaaS-based platform that uses data science to combine vulnerability data with exploit intelligence to measure risk, predict attacks and prioritize remediation. We are leading the way in helping enterprises reduce their risk while increasing their efficiency and preventing attacks. Kenna Security was recently named one of the top 10 hottest start-ups and named to the Inc. 500 fastest growing companies list.

We are looking for a Security Research Engineer to join our growing Research and Data Science team. As a Security Research Engineer, you'll take ownership of scoping and delivering long-term security research initiatives. You'll need to balance data analysis, engineering and security research skills and understand how each enhances the other.

A good mix of skills includes:

• Demonstrable experience with scripting and automation in vulnerability discovery - whether in the context of general research, bug bounties, penetration testing, red teaming or security engineering. You’ll be pioneering novel techniques to assess system security and it’s important you understand the strengths and limitations of automation.
• Ability to build and maintain labs, cloud assets and IT infrastructure that will be used cross-functionally in the organization to test our products.
• While no particular automation technology is required, experience with some form of automation will be required for you to be successful. Golang, Python, or Ruby are a major plus.
• Ability to quickly learn new technologies and prototype integration. Our platform is built integration-first with strong REST APIs, and we partner with many companies in the space. You’ll need to be able to quickly pick up, test and integrate new security technologies and results.
• Experience working in a team setting with engineering, QA, product and other technical functions. More importantly, previous demonstrable experience leading cross-functional initiatives to successful outcomes is very important.
• Experience building or operating osquery in a production environment is preferred

Additional helpful, though not strictly required:

• Previous experience setting up, scaling, and managing IT assets is a plus.
• Deep experience in red teaming, penetration testing, bug bounties, or vulnerability assessment
• Experience with cloud and application technologies such as AWS EC2 and ECS
• Experience with virtualization technologies such as VMware
• Software engineering experience, and particularly SDET experience

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.

#LI-AA1

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex or national origin.