Sr. Information Security Analyst

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

SR. INFORMATION SECURITY ANALYST

We are a target of both nation states and actors focused on brand destruction. Information drives our business and we must protect against unauthorized changes, improper destruction, loss, or theft of that information. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems in order to guarantee the highest probability of mission success. SpaceX Information Security Analysts are responsible for analyzing and responding to threats directed at our environment.

RESPONSIBILITIES:

• Support SpaceX as our front line responder by identifying, triaging, and remediating security detections and anomalies.
• Assess newly published vulnerabilities and attacker Tactics, Techniques, and Procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
• Provide incident response support as a key stakeholder. Collaborate with SpaceX engineering teams to proactivity improve and secure systems from future attacks.
• Operate and help mature playbooks to protect SpaceX people, missions, and assets.

BASIC QUALIFICATIONS:

• 5+ years of professional experience in information security.
• Experience with operating system internals for Linux, Windows, or macOS platforms.
• Experience with network and host-based collection tools.

PREFERRED SKILLS AND EXPERIENCE:

• Understanding of classic and emerging threat actor tactics, techniques, and procedures in both pre- and post-exploitation phases of attack lifecycles.
• Deep understanding of Incident Response processes.
• Experience using Elastic, Splunk and/or other SIEMs.
• Experience scripting language(s) for the purposes of automating security operations and incident response processes.
• Experience with reverse engineering, C2 exploitation, and broader system/network forensics.
• Security community contributions (blog posts, conference talks, CTFs, tool development, etc.)
• Knowledge of cloud infrastructure and cloud security.
• SANS/GIAC, OSCP or similar certifications.
• Technical degree.

ITAR REQUIREMENTS:

• To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.