Sr. Security Engineer (Vulnerability Management)

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

SR. SECURITY ENGINEER (VULNERABILITY MANAGEMENT)

SpaceX is looking for a Sr. Security Engineer to join the Information Security team to help protect and drive the SpaceX mission. Information drives our business and we must protect the confidentiality, integrity, and availability of systems and processes across the enterprise. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success. This role will focus on the "behind the scenes" technologies that ensure our networks and systems are up to industry and SpaceX standards of information security. It will also focus on providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that we are identifying and remediating any emerging vulnerabilities.

As a Vulnerability Management Engineer, you'll be a key member of the Information Security team. You'll identify vulnerabilities via scanning, validate findings, prioritize within the context of our environment, assign to the correct owner (heavily working with IT), and follow up on status. You'll use your creativity to build a process that is as automated as possible. This role requires a strong background in security as it relates to platform infrastructure, application security, and other aspects of network/cloud infrastructure security.

RESPONSIBILITIES:

• Identify, minimize and manage overall information technology attack surface
• Identify architectural deficiencies and implement vulnerability mitigation strategies to address them
• Develop and implement workflows to automate security testing and vulnerability detection
• Scope and perform security reviews of on-premise infrastructure, private and public cloud environments
• Setup and continue to grow automated scanning, ensuring maximum coverage of our environment though regular and authenticated scanning
• Foster a culture of security by leading security awareness training while communicating vulnerabilities to other engineering teams
• Produce research and collaborate with our peers in the broader cyber-security industry
• Work with multiple teams and organizations, translating security and vulnerability requirements into terms both leaders and technical implementers can use

BASIC QUALIFICATIONS:

• Bachelor’s degree in information systems, information security, computer science, engineering or similar technical field of study and 4+ years of professional experience in information security, networking and/or systems administration; OR 5+ years of professional experience in information security in lieu of a degree
• 2+ years of experience designing, building, implementing, and/or maintaining vulnerability and configuration management technologies in an enterprise level environment 
• Experience with Linux, Windows, and Mac system internals and configuration management tools

PREFERRED SKILLS AND EXPERIENCE:

• Experience with Tenable on-premise and cloud products such as Tenable.io and Tenable.sc
• Experience with auditing security controls against standards such as CIS, MSCT, & DISA STIGs
• Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems
• Experience in analyzing & validating vulnerabilities to most effectively prioritize the most critical vulnerabilities to a given environment
• Experience in PCI DSS security assessments
• Experience with a programming or scripting language, such as Python or PowerShell
• Experience in controlled penetration testing to validate vulnerability findings
• Familiarity with J-Frog Artifactory / X-ray
• Ability to interface with vendors to diagnose and troubleshoot problems, as well as consult on architectural design and configuration changes

ITAR REQUIREMENTS:

• To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.  

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.