Principal Infrastructure Security Engineer

A World-Changing Company

Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more.

The Role

As a Principal Infrastructure Security Engineer, you are responsible for the security of Palantir’s infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. Our ideal candidate works well on a team, is highly motivated, and enjoys solving problems and taking on new challenges.

In this role, you’re building, breaking, and securing the global infrastructure that powers our world-changing products. You have a strong security mindset, care deeply about infrastructure, and are excited to protect our network and endpoints against all threats. You'll design, architect, and drive security posture changes for Palantir, and work to make life hard for our adversaries.

Core Responsibilities

1. Design, architect, and implement defensive security controls across Palantir’s multi-cloud multi-tenant SaaS infrastructure based on Kubernetes, OpenShift and several other popular open-source technologies.
2. Provide security domain expertise on protective controls, to include system, network, encryption, and authentication services throughout Palantir’s portfolio of products, services and infrastructure.
3. Design, architect and build automated systems to provide security uplift for the organization.
4. Perform security evaluations and research on new platforms, products, architectures, vendors, and services to protect Palantir data.
5. Partner closely with other members of the Technical Operations, Engineering, and Information Security teams to drive impactful changes to the company’s network defense posture.

What We Value

1. 5+ years of direct information security experience with deep exposure in protecting one or more container orchestration platforms (Kubernetes, OpenShift).
2. Comprehensive knowledge of modern adversary tactics, techniques, and procedures.
3. Ability to independently own projects and balance competing priorities, while still effectively collaborating with colleagues.
4. Experience with public cloud service providers (e.g. Amazon AWS, Google GCP, Microsoft Azure).
5. Experience with infrastructure automation platforms (e.g. Packer, Terraform, Ansible, Puppet etc.).
6. Proficiency with at least one scripting language (e.g. PowerShell, Bash, Python, or similar). Experience in Golang is a plus.
7. Willingness and eligibility to obtain a U.S. security clearance, or active TS//SCI.