Information Security Engineer - Insider Risk
See all open roles at palantir →
Some ghost-posting signals
- open for 95 days (90+ without a fill is a strong ghost signal)
- 238 open roles at this company in 30 days (mass-hiring blitz)
- no salary disclosed (correlates with ghost postings)
See your fit for this role and apply with a truthfully tailored résumé.
About the role
Core Responsibilities
Engineer and automate end-to-end detection and investigation workflows, continuously improving Detection and Response infrastructure
Develop alerting and detection strategies to identify malicious or anomalous behavior, including new and novel defensive techniques that adapt to evolving adversary tactics and tradecraft
Dissect network, host, memory, and other artifacts originating from multiple operating systems and applications.
Investigate security events and active attacks across the enterprise, uncovering sophisticated threats and identifying patterns of behavior that indicate insider risk
Influence and inform security controls designed to safeguard Palantir's most critical assets
Partner closely with other members of the Information Security team to lead changes in the company's network defense posture.
What We Value
Broad exposure to multiple security subject areas, including a strong background in forensics or threat intelligence
Deep exposure in Incident Response or Detection Engineering
Desire to further the information security community through substantive contributions (e.g. conference talks, blog posts, public tool development, etc.)
Comfort in operating autonomously and engaging across business levels to advise on security outcomes.
What We Require
Extensive security experience (3+ years) in at least one major platform (e.g. AWS, Azure, Windows, OS X, Linux, etc.)
Proficiency in Python (preferred), PowerShell, or similar
Familiarity with endpoint telemetry and log sources from at least one major operating system
Experience with common SIEM/SOAR platforms and proficiency writing queries against security event data
Active TS/SCI security clearance or eligibility to obtain a security clearance.
Stop applying to ghosts.
OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.
Do more with OyaPilot