Senior Information Security Analyst (Insider Threat)
Hawthorne, CA, United States
SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.
SENIOR INFORMATION SECURITY ANALYST (INSIDER THREAT)
We are looking for a Senior Analyst to join the Insider Threat Team, whose mission is to protect SpaceX’s intellectual property and confidential business information from internal and external threats. Information drives our business and we must protect against unauthorized changes, improper destruction, loss, or theft of that information. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. As the Senior Technical Investigations Analyst you will work closely with the Insider Threat Team members as well as the Security Operations Center (SOC) team to develop SpaceX’s program to deter, detect, and respond to threats to the company’s intellectual property and confidential business information. The Insider Threat program is part of the greater Information Security Organization.
Assess, triage and prioritize security alerts from logging and monitoring systems
Identify, triage and remediate threats based on threat intelligence as well as active analysis of log data
Investigate and communicate with peers on the risk posed by these threats. Report on findings from investigations and incidents
Operate against a Security Operations Center (SOC) playbook as well as the Insider Threat program processes to protect SpaceX people, mission and assets
Evaluate user data for anomalous activity
Create and maintain alerts and detections to minimize false positives and identify concerning behavior
Apply critical thinking to all activities and actions, in pursuit of SpaceX and Insider Threat Program goals
Contribute to tool optimization and automation initiatives to streamline analysis and response workflows
Review user activity, highlighting areas of concern or evidence of anomalous activity and escalate to management
Respond to requests for ad-hoc reporting and research topics from management as required
Produce concise, written analysis and visual presentation of findings
Deal professionally with offensive, profane, and obscene materials encountered during the course of investigations and research
Apply intelligence reporting and knowledge of the security network towards the discovery of suspicious activity and to prevent and/or detect future incidents
Support standardization of threat responses
Support process improvement of the current insider threat program and alignment with the strategic program
6+ years of experience in information security areas such as threat hunting, incident response, forensics, security analysis, security engineering
Experience with regular expressions and scripting language(s) (e.g. Python, Bash or PowerShell)
Experience with operating system internals and security controls such as Linux and/or Windows
Experience with cyber threats, defenses, motivations and techniques
PREFERRED SKILLS AND EXPERIENCE:
Familiarity with ELK, Splunk, and/or other SIEMs
Broad understanding of network architecture and network security methods to include their capabilities and limitations
Strong understanding of threat analysis and enterprise-level mitigation strategies
Working knowledge of network TCP/IP protocols
Experience with behavioral analysis
Experience with broader system forensics
Experience with conducting operations in closed/vetted online forums and marketplaces in both the surface and dark web spaces
Demonstrable track record of getting things done quickly with high quality
Exceptional written and verbal communication skills
Experience distilling raw information into actionable intelligence
Experience with intelligence analysis tools, methods and the intelligence lifecycle
Exceptional organizational skills
SANS, GIAC, OSCP, CEH or similar certifications
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.