You are here

Information Security Engineer, Infrastructure and Development Systems

Information Security Engineer, Infrastructure and Development Systems

Information Security

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

Information Security Engineer, Infrastructure and Development Systems

SpaceX is looking for an Information Security Engineer to join the Information Security Engineering team to help protect and drive the SpaceX mission. Information drives our business and we must protect the confidentiality, integrity, and availability of systems and processes across the enterprise. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success. This role will focus on the “behind the scenes” technologies that ensure our networks and systems are up to industry and SpaceX standards of information security. It will also focus on providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that the technologies and systems we build in-house or purchase and deploy in-house are designed and maintained in a secure way that minimizes risk.

Responsibilities:

  • Design, build, and maintain technology solutions and systems that provide security for SpaceX systems, networks, and data. This can include:
    • Dynamic File Analysis Technologies (e.g. Sandboxing technologies)
    • Authentication and Identity Services, including Muti-Factor solutions
    • Logging Systems and Technologies (e.g. ELK, Elastisearch, Logstash, Kibana)
    • Vulnerability and System Hardening Scanners (e.g. Nessus)
    • Email Security Appliances (e.g. Cisco Ironports)
    • Secure File Transfer Systems
    • Static Code Analysis platforms
  • Serve as the Subject Matter Expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
  • Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies. Materialize this as improvements which result in stronger and safer software and application deployments across SpaceX, measuring in decreased risk and prevalence of issues.
  • Work with internal stakeholders to assess the risk of vendor relationships, through examination of the intended relationship and the vendor’s security posture. Consult internal teams on mitigating that risk.
  • Interface with Flight Software, Ground Software, and Business Applications teams to advise on design, architecture, deployment, and operation of systems across SpaceX as the Security POC for these projects. This can include threat modeling, code reviews, and vulnerability assessments of the applications.
  • Build and maintain scripts and automation that support the information security mission across SpaceX, to be utilized by information security teammates and other partner organizations.
  • Create solutions that are scalable, repeatable, maintainable, and secure.
  • Communicate status of projects and systems to the Information Security team, management, and partner organizations.
  • Identify and evaluate risks, and then discover, select, and implement technology and process solutions that mitigate those risks.
  • Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.

­­­­­

Basic Qualifications:

  • Bachelor’s degree in information technology, information security, computer science or similar technical field of study.
  • Minimum of 4 years of information security, networking and/or systems administration experience.
  • Minimum of 2 years’ experience with a programming or scripting language such as C#, Python, or PowerShell.

Preferred Skills and Experience:

  • Strong Familiarity with Software Development Lifecycle (SDLC) processes and source control technologies.
  • Experience building automation between tools and systems.
  • Experience performing analytics against aggregated log data, and building configurations to parse and handle log data from systems and tools.
  • Familiarity with Linux, Windows, and Mac system internals and configuration standards.
  • Track record of getting things done quickly and with quality.
  • Demonstrated ability to operate in a dynamic, evolving environment.
  • Ethical character and uncompromised integrity.

ITAR Requirements:

  • To conform to U.S. Government space technology export regulations, applicant must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about ITAR here.

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.

 

 

Job Location