SpaceX is looking for a Security Engineer to join the Security department to help protect and drive the SpaceX mission. Information drives our business and we must protect the confidentiality, integrity, and availability of systems and processes across the enterprise. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success. This role will focus on the "behind the scenes" technologies that ensure our networks and systems are up to industry and SpaceX standards of information security. It will also focus on providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that we are identifying and remediating any emerging vulnerabilities.
Requirements
- Experience with the Python programming language, GO, C, or Rust
- Experience designing and implementing security solutions for operating systems, distributed systems, or other enterprise/large-scale infrastructure
- Experience with secure code development practices
- Experience with Linux, Windows, and Mac system internals
- Proficient experience with the Python programming language, GO, C, or Rust
- Strong knowledge of public key infrastructure (PKI) environments and related technologies
- Experience with SAML, OIDC, and OAuth
Responsibilities
- Design, build, and maintain technology solutions and systems that provide security for SpaceX systems, networks, and data.
- Authentication and identity services, including multi-factor solutions, network access control identity servers, and related authentication and authorization technologies.
- Identity lifecycle management services and automation.
- Build and maintain scripts and automation that support the information security mission across SpaceX, to be utilized by information security teammates and other partner organizations.
- Network security systems and the backend infrastructure that powers such services.
- Application level security controls (e.g. web application firewalls).
- Cloud deployments security policy enforcement, centralized configuration management, monitoring, etc.
Other
- Serve as the subject matter expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
- Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies.
- Create solutions that are scalable, repeatable, maintainable, and secure.
- Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.
- Must be willing to work extended hours and/or weekends as needed
