Senior Information Security Engineer (Infrastructure and Development Systems)
Hawthorne, CA, United States
Posted 1 month ago
SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.
SENIOR INFORMATION SECURITY ENGINEER (INFASTRUCTURE AND DEVELOPMENT SYSTEMS)
SpaceX is looking for a Senior Information Security Engineer to join the Information Security Engineering team to help protect and drive the SpaceX mission. Information drives our business and we must protect the confidentiality, integrity, and availability of systems and processes across the enterprise. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success. This role will focus on the behind the scenes technologies that ensure our networks and systems are up to industry and SpaceX standards of information security. It will also focus on providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that the technologies and systems we build in-house or purchase and deploy in-house are designed and maintained in a secure way that minimizes risk.
- Design, build, and maintain technology solutions and systems that provide security for SpaceX systems, networks, and data. This can include:
- Network security systems and the backend infrastructure that powers such services.
- Application level security controls (e.g. Web Application Firewalls).
- Cloud deployments security policy enforcement, centralized configuration management, monitoring, etc.
- Authentication and Identity Services, including Muti-Factor solutions, Network Access Control identity servers, and related authentication and authorization technologies.
- Identity lifecycle management services and automation.
- Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems.
- Familiarity with cloud security services, concepts, and best practices.
- Serve as the Subject Matter Expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
- Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies. Materialize this as improvements which result in stronger and safer software and application deployments across SpaceX, measuring in decreased risk and prevalence of issues.
- Interface with Flight Software, Ground Software, and Business Applications teams to advise on design, architecture, deployment, and operation of systems across SpaceX as the Security POC for these projects. This can include threat modeling, code reviews, and vulnerability assessments of the applications.
- Build and maintain scripts and automation that support the information security mission across SpaceX, to be utilized by information security teammates and other partner organizations.
- Create solutions that are scalable, repeatable, maintainable, and secure.
- Communicate status of projects and systems to the Information Security team, management, and partner organizations.
- Identify and evaluate risks, and then discover, select, and implement technology and process solutions that mitigate those risks.
- Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.
- Bachelor's degree in information technology, information security, computer science or similar technical field of study and 4+ years of information security, networking and/or systems administration experience; or 6+ years of information security experience without a degree
- Minimum of 2 years' experience with a programming or scripting language such as Python or PowerShell.
PREFERRED SKILLS AND EXPERIENCE:
- Strong familiarity with Software Development Lifecycle (SDLC) processes and source control technologies.
- Experience building automation between tools and systems.
- Experience performing analytics against aggregated log data, and building configurations to parse and handle log data from systems and tools.
- Familiarity with Linux, Windows, and Mac system internals.
- Track record of getting things done quickly and with quality.
- Demonstrated ability to operate in a dynamic, evolving environment.
- Ethical character and uncompromised integrity.
- To conform to U.S. Government space technology export regulations, applicant must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about ITAR here.
SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.
Applicants wishing to view a copy of SpaceX's Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should notify the Human Resources Department at (310) 363-6000.