Rivian is on a mission to keep the world adventurous forever. This goes for the emissions-free Electric Adventure Vehicles we build, and the curious, courageous souls we seek to attract.
As a company, we constantly challenge what’s possible, never simply accepting what has always been done. We reframe old problems, seek new solutions and operate comfortably in areas that are unknown. Our backgrounds are diverse, but our team shares a love of the outdoors and a desire to protect it for future generations.
Cybersecurity Threat Detection Engineer
Rivian is seeking a Cybersecurity Threat Detection Engineer with an adversarial mindset, purple team technical depth, and entrepreneurial spirit to join our Cybersecurity Operations team. The candidate will collaborate with cross-functional teams to create innovative detection strategies and help develop a best-in-class Cybersecurity Monitoring program. The candidate will build tailored security detections to enhance Rivian's Cybersecurity program by leveraging Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR) services.
- Utilize NDR, EDR, real-time streaming, and SIEM technologies to build threat detections.
- Develop enrichment pipelines and automation to enhance the fidelity of threat detections.
- Develop correlation and automation to create high-fidelity threat detections.
- Develop and maintain playbooks for incident triage and response.
- Align threat detection content with Rivian Use Case Framework and report metrics based on cybersecurity threats impacting Rivian.
- Collaborate with Rivian's Cybersecurity Operations Center (CSOC), Operational Technology (OT), and Incident Response (IR) Teams to ensure detections are valuable and actionable.
- Provide feedback with Cybersecurity Operations to Rivian's Use Case Framework to improve our Security Monitoring strategy.
- Minimum of 3 years of cybersecurity experience focused on:
  - Firm understanding of malicious cyber actor tactics, techniques, and procedures
  - Firm understanding of SIEM technologies and native search syntax, reporting, and alerting capability
  - Experience writing and tuning host detections
  - Experience writing and tuning network detections
  - Experience performing offensive attacks
- Preferred cybersecurity certifications:
  - Offensive Security: OSCP, OSEP, OSWE, OSED, or OSEE
  - SANS GIAC: GCIA, GPEN, GCIH, GCFA, GMON, GCDA, or GCED
- Experience with design, implementation, and operationalizing of cybersecurity systems – including documenting requirements, working with vendors, configuring and testing systems, creating knowledge articles, and executing the transition to the relevant operations team.
- Experience documenting, socializing, and operationalizing cybersecurity technology and processes
- Demonstrated experience working across multiple teams to build cross-functional relationships and working with various levels of technical expertise.
- Continuously assess and improve the organization's threat detection people, process, and technology
- Self-starter who is comfortable operating in a fast-paced environment
- Ability to think critically and explore new creative solutions
- Continual review and education on emerging trends and threats to enhance tooling and processes
- Strong interpersonal skills. Ability to work effectively in a team-oriented environment.
Rivian is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, ancestry, sex, sexual orientation, gender, gender expression, gender identity, genetic information or characteristics, physical or mental disability, marital/domestic partner status, age, military/veteran status, medical condition, or any other characteristic protected by law.
Rivian is committed to ensuring that our hiring process is accessible for persons with disabilities. If you have a disability or limitation, such as those covered by the Americans with Disabilities Act, that requires accommodations to assist you in the search and application process, please email us at email@example.com.
We take your privacy seriously. For details please see our Candidate Privacy Notice.
Please note that we are currently not accepting applications from third party application services.