SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.
We are a target of both nation states and people focused on brand destruction. Information drives our business and we must protect against unauthorized changes, improper destruction, loss, or theft of that information. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, in order to guarantee the highest probability of mission success. SpaceX Information Security Analysts are responsible for Network Monitoring, Preventative and Detective Controls, Forensics and Investigations, Security Awareness, Security Vulnerability Management and Cyber Threat Intelligence activities.
- Assess, triage and prioritize security alerts from logging and monitoring systems.
- Identify, triage, and remediate threats based on threat intelligence as well as active analysis of log data. Investigate and communicate with peers on the risk posed by these threats. Report on findings from investigations and incidents to the broader organization as necessary.
- Operate against a SOC playbook to protect SpaceX people, missions, and assets.
- Evaluate system, application, and user data for adherence to organizational policies and procedures.
- Apply critical thinking to all activities and actions, in pursuit of SpaceX and Information Security goals.
- Assess newly published vulnerabilities and attacker Tactics, Techniques and Procedures (TTPs) to identify possible defensive measures to locate and stop threat actors.
- Contributes to tool optimization and automation initiatives to streamline analysis and response workflows.
- Bachelor’s degree in information systems, security, computer science or a related technical field of study and 1 year of professional or academic experience in information security areas such as threat hunting, incident response, forensics, security analysis, security engineering, etc, OR 3+ years of professional experience in the aforementioned areas without a degree.
- Experience with operating system internals and security controls such as Linux and/or Windows.
- Experience with regular expressions and scripting language(s) (e.g. Python, Bash or PowerShell).
PREFERRED SKILLS AND EXPERIENCE:
- Familiarity with ELK, Splunk and/or other SIEMs.
- Working knowledge of network TCP/IP protocols.
- Experience with malware behavioral analysis and broader system forensics.
- Demonstrable track record of getting things done quickly with high quality.
- Exceptional written and verbal communication skills.
- Exceptional organizational skills.
- SANS GIAC, OSCP, CEH or similar certifications.
- Available for bi-weekly rotating on call duty
- To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.