Information Security Engineer - CIRT

A World-Changing Company

Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more.

The Role

As an Information Security Engineer, you are responsible for the security of Palantir’s people and infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. Our ideal candidate works well on a team, is highly motivated, and enjoys solving problems and taking on new challenges.

In this role you’ll be the first line of defense for protecting Palantir. Your team is responsible for the 24/7 prevention, detection, and investigation of security events and active attacks across our entire infrastructure. Your work will directly impact the success of Palantir's mission as you seek to make life hard for our adversaries and protect our global network.

Core Responsibilities

1. Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.
2. Develop alerting and detection strategies to identify malicious or anomalous behavior.
3. Develop new and novel defensive techniques to identify or counteract changes in adversary techniques and tactics.
4. Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
5. Perform enterprise-wide operations to uncover sophisticated and undetected threats.
6. Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.

What We Value

1. Broad exposure to multiple security subject areas, including a strong background in forensics or threat intelligence.
2. Deep exposure in Incident Response or Detection Engineering.
3. Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)
4. Strong working knowledge of TCP/IP networking and common protocols.

What We Require

1. Extensive security experience (3+ years) in at least one major platform (e.g. AWS, Azure, Windows, OS X, Linux, etc.).
2. Proficiency in Python (preferred), PowerShell, or similar.
3. Active TS/SCI security clearance or willingness and eligibility to obtain a security clearance.