SECURITY ENGINEER (SECURITY OPERATIONS)

SpaceX is targeted by sophisticated adversaries determined to disrupt or obtain the cutting-edge technology it develops. SpaceX is hiring a security engineer to join the security operations team to build the capabilities needed to detect and respond to these adversaries. The environment in which you will operate is used to launch rockets and control spacecraft. You will be tasked with developing the tooling and data delivery mechanisms the security operations team will use to catch these threat actors in this environment before they can disrupt or deny SpaceX’s mission.

Your output will be developing solutions to address visibility gaps while bolstering the resilience of internally developed tooling to ensure maximum uptime for detecting threats. Your work may involve creating automation workflows to drive down time to triage security detections, developing a service to pull in new datasets or enrich existing ones, and finally helping the SOC respond and address visibility gaps from an incident. If you are interested in detecting and disrupting sophisticated threat actors in order to secure SpaceX’s mission to Mars, let’s talk!

RESPONSIBILITIES:

• Build and improve existing security detection mechanisms and automation frameworks that directly drive what the Security Operations Center.
• Engage with relevant owners of high-risk systems and services to identify and prioritize detection gaps.
• Investigate anomalous or suspicious behavior in the environment as it is identified in the detection engineering process.
• Participate in adversary emulation activities to identify detection gaps in the environment.

BASIC QUALIFICATIONS:

• 2+ years of professional experience in incident response, security operations, or security engineering role in lieu of a degree; OR a bachelor’s degree in security engineering, computer science, cyber security, engineering, math, or other STEM discipline.
• Experience with any modern programming language (including but not limited to Python, Go, C++, Rust).

PREFERRED SKILLS AND EXPERIENCE:

• Experience performing Incident Response related tasks or being a part of a role directly contributing to a CSIRT team.
• Experience building Extract, Transform, and Load (ETL) pipelines from diverse systems to optimize logging formats for threat detection.
• Demonstrated ability to support and manage services in a Kubernetes (k8s) environment, ensuring high availability and reliability through monitoring, alerting, and infrastructure automation.
• Knowledge of traditional Security Operations environments and response procedures, including modern security information and event management (SIEM) systems.
• Knowledge of common attack trends or techniques, and the evidence sources needed to investigate.
• Familiarity with enterprise security controls and best practices for Windows, Linux, and/or macOS systems.

ADDITIONAL REQUIREMENTS:

• Must be able to work extended hours and weekends as needed.

COMPENSATION AND BENEFITS:

Pay Range:

Security Engineer/Level I: $130,000.00 - $150,000.00/per year

Security Engineer/Level II: $145,000.00 - $175,000.00/per year

Your actual level and base salary will be determined on a case-by-case basis and may vary based on the following considerations: job-related knowledge and skills, education, and experience.

Base salary is just one part of your total rewards package at SpaceX. You may also be eligible for long-term incentives, in the form of company stock, stock options, or long-term cash awards, as well as potential discretionary bonuses and the ability to purchase additional stock at a discount through an Employee Stock Purchase Plan. You will also receive access to comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short and long-term disability insurance, life insurance, paid parental leave, and various other discounts and perks. You may also accrue 3 weeks of paid vacation and will be eligible for 10 or more paid holidays per year. Employees accrue paid sick leave pursuant to Company policy which satisfies or exceeds the accrual, carryover, and use requirements of the law.