Information Security SOAR Engineer
Hawthorne, CA, United States
SpaceX
SpaceX designs, manufactures and launches advanced rockets and spacecraft. The company was founded in 2002 to revolutionize space technology, with the ultimate goal of enabling people to live on other planets. SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.
INFORMATION SECURITY SOAR ENGINEER
We are a target of both nation states and actors focused on brand destruction. Information drives our business and we must protect against unauthorized changes, improper destruction, loss, or theft of that information. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems in order to guarantee the highest probability of mission success. SpaceX’s SOAR Engineer will be responsible for implementing and managing security automation of our incident detection and response workflows.
RESPONSIBILITIES:
- Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
- Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
- Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
- Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
- Develop custom scripts to automate current detection and response workflows.
- Analyze SOC alert statistics and workflows to reduce false positives and properly focus engineering efforts.
- Manage and improve SIEM infrastructure to improve detection flexibility and reliability.
- Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
- Operate and help mature a SOC playbook, workflow automations and use cases to protect SpaceX people, missions and assets.
BASIC QUALIFICATIONS:
- Bachelor’s degree in information systems, information security, computer science, engineering or similar technical field of study with 2+ years of information security experience; OR 4+ years of information security experience without a degree.
- Experience with Security Orchestration, Automation and Response (SOAR) tools and technologies (e.g. Sentinel, XSOAR/Demisto, Phantom, etc.)
- Experience with Python scripting language for automation.
- Experience with operating system internals for both Linux and Windows platforms.
- Experience with network and host-based collection tools such as Snort, Bro, Suricata, Sysmon, Osquery or commercial Enterprise Detection and Response (EDR) platforms.
PREFERRED SKILLS AND EXPERIENCE:
- Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre- and post-exploitation phases of attack lifecycles.
- Experience using Python for the purpose of automating security operations and incident response processes.
- Strong understanding of security architecture, tool integration, API development and automation.
- Deep understanding of Incident Response processes.
- Understanding of common SOC and SOAR processes and workflows.
- Working knowledge of network TCP/IP protocols.
- Experience using ELK, Splunk and/or other SIEMs.
- Security community contributions (blog posts, white papers, conference talks, tool development, etc.)
- SANS/GIAC, OSCP or similar certifications.
- Exceptional written and verbal communication skills.
- Exceptional organizational skills.
ITAR REQUIREMENTS:
- To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.