Incident Response Engineer (CIRT) - Palantir Technologies
Palo Alto, CA, United States

Listing Description

About the Job: You’re the first line of defense for protecting Palantir. You are part of an elite operational team responsible for 24/7 protection, detection, and investigation of security events and active attacks across our entire infrastructure. Your work directly impacts the success of the mission as you hunt for badness across our global network – wherever it may hide.

This isn't a typical SOC job. We believe that clicking 'false positive' on a thousand snort alerts per day is unreasonable. We're diehard infosec fanatics with a love for devops and automation. We manage the full lifecycle of incident response, from toolsets and detection strategies to response tradecraft and protective controls. We believe everything (including our infrastructure) can be automated, continually build awesome infrastructure for detection/response, and ultimately drive the security posture for Palantir. We're a small, tightly knit family and we're looking for passionate and talented InfoSec engineers who love Incident Response.

Things we're looking for:

- US Citizenship

- Broad exposure to multiple security disciplines and deep exposure in one or more (preferably including Digital Forensics or Incident Response).

- Deep forensic experience in one or more major operating system platforms (Windows, OS X, or Linux).

- You'll need a strong investigative mindset with acute attention to detail.

- You'll need at least an intermediate knowledge of Python (preferred), PowerShell, or similar.

- You'll need strong working knowledge of TCP/IP networking and common protocols.

Things we'd love:

- Active TS/SCI security clearance or willingness and eligibility to obtain a security clearance

- Experience performing dynamic analysis of malware to develop signatures and countermeasures

- Experience performing offensive assessments, penetration testing, exploit development, or vulnerability analysis

About Palantir: At Palantir, we’re passionate about building software that solves problems. We partner with the most important institutions in the world to transform how they use data and technology. Our software has been used to stop terrorist attacks, discover new medicines, gain an edge in global financial markets, and more. If these types of projects excite you, we'd love for you to join us.

About InfoSec: Our Information Security team is responsible for the security of Palantir’s people and infrastructure around the globe. As a member of the Information Security team, your technical expertise is second only to your professionalism and passion for security and technology in general. You’re a highly motivated team player that thrives on solving problems and tackling new challenges.

- Actively detect, respond to, and remediate security events across our global infrastructure.

- Perform proactive enterprise-wide operations to hunt for sophisticated and previously unknown malware.

- Develop new and novel capabilities for uncovering, detecting, and disabling malware.

- Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.

- Work closely with other members of the Information Security team to drive changes in the network defense posture of Palantir.

- Make life miserable for our attackers.


Listing Details

  • Citizenship: US Citizen
  • Incentives: Both
  • Education: No Requirements
  • Travel: Travel 25
  • Telework: No Telecommute


