As an Information Security Engineer, you are responsible for the security of Palantir's people and infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. You work well on a team, are highly motivated and enjoy solving problems and taking on new challenges.
You're the first line of defense for protecting Palantir. You are part of an elite operational team responsible for 24/7 protection, detection, and investigation of security events and active attacks across our entire infrastructure. Your work directly impacts the success of the mission as you hunt for badness across our global network – wherever it may hide.
- Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
- Develop alerting and detection strategies to identify malicious or anomalous behavior.
- Develop novel defensive techniques to identify or thwart changes in adversary techniques and tactics.
- Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
- Perform enterprise-wide operations to hunt for sophisticated and undetected threats.
- Work closely with other members of the Information Security team to lead changes in the company's network defense posture.
What We Value
- Broad exposure to multiple security disciplines and deep exposure in Incident Response or Detection Engineering.
- Strong background in incident response, hunting, forensics, intrusion detection or threat intelligence.
- Deep security experience (3+ years) in at least one major platform (e.g., AWS, Azure, Windows, OS X, Linux).
- Desire to further the information security community through substantive contributions (e.g., conference talks, blog posts, public tool development).
- Strong investigative mindset with acute attention to detail.
- Intermediate knowledge of Python (preferred), PowerShell, or similar.
- Strong working knowledge of TCP/IP networking and common protocols.
- Active TS/SCI security clearance or willingness and eligibility to obtain a security clearance.