← All verified jobs

Information Security Engineer - Insider Risk

palantir Seattle, WA

See all open roles at palantir

Ghost-risk verdict

Some ghost-posting signals

  • open for 95 days (90+ without a fill is a strong ghost signal)
  • 238 open roles at this company in 30 days (mass-hiring blitz)
  • no salary disclosed (correlates with ghost postings)

How we score ghost risk →

See your fit for this role and apply with a truthfully tailored résumé.

See my fit, free

About the role

Core Responsibilities

Engineer and automate end-to-end detection and investigation workflows, continuously improving Detection and Response infrastructure

Develop alerting and detection strategies to identify malicious or anomalous behavior, including new and novel defensive techniques that adapt to evolving adversary tactics and tradecraft

Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.

Investigate security events and active attacks across the enterprise, uncovering sophisticated threats and identifying patterns of behavior that indicate insider risk

Influence and inform security controls designed to safeguard Palantir's most critical assets

Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.

What We Value

Broad exposure to multiple security subject areas, including a strong background in forensics or threat intelligence

Deep exposure in Incident Response or Detection Engineering

Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)

Comfort in operating autonomously and engaging across business levels to advise on security outcomes.

What We Require

Extensive security experience (3+ years) in at least one major platform (e.g. AWS, Azure, Windows, OS X, Linux, etc.)

Proficiency in Python (preferred), PowerShell, or similar

Familiarity with endpoint telemetry and log sources from at least one major operating system

Experience with common SIEM/SOAR platforms and proficiency writing queries against security event data

Active TS/SCI security clearance or eligibility to obtain a security clearance.

Stop applying to ghosts.

OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.

Information Security Engineer - Insider Risk at palantir (Seattle, WA) | OyaPilot · OyaPilot