Incident Response Engineer (CIRT) - Palantir Seattle, WA, USA

Listing Description

As an Information Security Engineer, you are responsible for the security of Palantir’s people and infrastructure around the globe. Your technical expertise is second only to your integrity and real passion for security and technology in general. You work well on a team, are highly motivated and enjoy solving problems and taking on new challenges.

This isn't a typical SOC job. In fact, we don't even have a SOC. We're a team that believes clicking 'false positive' on a thousand snort alerts per day is unreasonable. We're diehard infosec fanatics with a love for devops and automation. We manage the full lifecycle of incident response: toolsets, detection strategies, response tradecraft, and protective controls. We believe everything (including our infrastructure) can be automated, we continually drive improvements to our detection and response infrastructure, and ultimately drive the security posture for Palantir. We're a small, tightly knit family and we're looking for passionate and talented InfoSec engineers who love Incident Response and Digital Forensics.

The goal is simple: We're building one of the world's best incident detection and response teams. We continually fight adversaries and are looking for exceptionally strong candidates who want to make Palantir, our customers, and the world a safer place.

What we value:

Broad exposure to multiple security disciplines and deep exposure in Incident Response or Detection Engineering.

Strong background in incident response, hunting, forensics, intrusion detection or threat intelligence.

Deep security experience (3+ years) in at least one major platform (e.g. AWS, Azure, Windows, OS X, Linux, etc.)

Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)

Strong investigative mindset with acute attention to detail.

Intermediate knowledge of Python (Preferred), PowerShell, or similar.

Strong working knowledge of TCP/IP networking and common protocols.

Obligatory Disclaimer:

Palantir is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Please see the United States Department of Labor's EEO poster and EEO poster supplement for additional information.

If you need assistance or an accommodation due to a disability, you may contact us at accommodations@palantir.com.

Build, run, and own infrastructure and automation to detect, contain, and eradicate security threats.

Develop alerting and detection strategies to identify malicious or anomalous behavior.

Develop new and novel defensive techniques to identify or thwart changes in adversary techniques and tactics.

Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.

Perform enterprise-wide operations to hunt for sophisticated and undetected threats.

Work closely with other members of the Information Security team to lead changes in the company's network defense posture.


Listing Details

  • Salary: $150000 - $170000
  • Citizenship: US Citizen
  • Incentives: Both
  • Education: No Requirements
  • Travel: Travel 25
  • Telework: No Telecommute


