Tesla is accelerating the world's transition to sustainable energy. Revolutionary strategies and products were developed within a few years and successfully launched on a large scale. This is only possible through extraordinary speed, innovation and efficiency.
Gigafactory Berlin forms the perfect basis for rolling out Tesla's incredible success story in Europe. The most important pillar for this are our employees. Their passion, motivation and engagement ensure that we achieve our goals. We are looking for you to continue and expand this success story together.
The Role
We are looking for a highly motivated engineer specializing in security monitoring, detection and incident response to defend Tesla’s information, infrastructure and products.Other car companies have talked for years about a future of "connected cars." At Tesla, we make it happen. We regularly send over-the-air software updates to our Model S and Model X fleet, seamlessly delivering new features and improvements to our customers. Our mobile applications allow customers to interact with their cars via real-time, low-latency two-way communication. We also build tools for our internal sales, delivery, and service teams. Today we remotely identify potential vehicle issues before a customer does—and often fix problems remotely too. To this end information and product security is of the utmost importance.
The Detection Team is responsible for detecting and responding to threats against our corporate, manufacturing and production environments. As a Detection Engineer, you will defend Tesla by helping to build and run a comprehensive threat detection program. You will improve logging coverage, build and tune log aggregation, analysis, and alerting systems, and detect threats at scale.
Responsibilities:
Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
Define, implement, and tune detective capabilities and data sources to detect and remediate malicious activity.
Work with engineering and operations teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
Analyze security data and report on threats and incidents across various platforms and environments.
Use automation to improve identification and response time and reduce impact when an incident occurs
Requirements:
BS/MS in Computer Science, Information Systems, Electrical Engineering, or the equivalent in experience and evidence of exceptional ability.
Excellent understanding and experience in multiple security domains such as intrusion detection, incident response, malware analysis, application security, and forensics.
Experience detecting abuse and large-scale attacks in a diverse environment.
Software engineering experience in Python, Ruby, Go, C, JavaScript or other OOP languages.
Experience in cloud environments (AWS preferred), Linux containers, and orchestration systems (Kubernetes preferred)
DevOps or security automation experience.
Experience working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle.
Familiarity with the following detection-related disciplines with deep experience in one or more:
Large scale analysis of log data using tools such as Splunk or ELK.
Security automation using tools such as Phantom or Demisto.
File system, memory, or live response on Windows, MacOS and/or Linux.
Analysis of network traffic from intrusion detection systems and flow monitoring systems.
Host level detection with tools such as auditd, os-query, SysMon
