Information Security Engineer - Insider Risk

Palantir Technologies, New York, NY
$145,000 - $200,000

About The Position

Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. As an Insider Threat Detection Engineer, you are responsible for protecting Palantir's people, data, and most sensitive assets across the globe. Your technical expertise is matched by your integrity and genuine passion for security. You work well on a team, are highly motivated, and thrive on solving problems and taking on new challenges. Your team serves as a critical line of defense, responsible for the 24/7 prevention, detection, and investigation of security events and active threats across Palantir's environment. This role focuses on all aspects of Detection and Response with a strong emphasis on identifying and mitigating insider risks. Your work will directly impact the success of Palantir's mission by making it difficult for adversaries — both external and internal — to compromise our global network.

Requirements

  • Extensive security experience (3+ years) in at least one major platform (e.g. AWS, Azure, Windows, OS X, Linux, etc.)
  • Proficiency in Python (preferred), PowerShell, or similar
  • Familiarity with endpoint telemetry and log sources from at least one major operating system
  • Experience with common SIEM/SOAR platforms and proficiency writing queries against security event data
  • Active TS/SCI security clearance or eligibility to obtain a security clearance.

Nice To Haves

  • Broad exposure to multiple security subject areas, including a strong background in forensics or threat intelligence
  • Deep exposure in Incident Response or Detection Engineering
  • Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)
  • Comfort in operating autonomously and engaging across business levels to advise on security outcomes.

Responsibilities

  • Engineer and automate end-to-end detection and investigation workflows, continuously improving Detection and Response infrastructure
  • Develop alerting and detection strategies to identify malicious or anomalous behavior, including new and novel defensive techniques that adapt to evolving adversary tactics and tradecraft
  • Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
  • Investigate security events and active attacks across the enterprise, uncovering sophisticated threats and identifying patterns of behavior that indicate insider risk
  • Influence and inform security controls designed to safeguard Palantir's most critical assets
  • Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.

Benefits

  • Employees (and their eligible dependents) can enroll in medical, dental, and vision insurance as well as voluntary life insurance
  • Employees are automatically covered by Palantir’s basic life, AD&D and disability insurance
  • Commuter benefits
  • Relocation assistance
  • Take-what-you-need paid time off, not accrual-based
  • 2 weeks paid time off built into the end of each year (subject to team and business needs)
  • 10 paid holidays throughout the calendar year
  • Supportive leave of absence program including time off for military service and medical events
  • Paid leave for new parents and subsidized back-up care for all parents
  • Fertility and family building benefits including but not limited to adoption, surrogacy, and preservation
  • Stipend to help with expenses that come with a new child
  • Employees can enroll in Palantir’s 401k plan