Facebook pixel

Infrastructure Engineer (Siem/Soar)
Posted on 4/14/2022
INACTIVE
Locations
Menlo Park, CA, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
AWS
Data Analysis
Development Operations (DevOps)
Docker
Google Cloud Platform
Microsoft Azure
Powershell
Splunk
Kubernetes
Python
Go
Requirements
  • 3+ years extensive security experience running, administering, or operating a complex Splunk Enterprise cluster
  • A highly analytical mindset and eagerness to solve technical problems with distributed computing, code development, data pipelining tools, data health and monitoring frameworks, and other technologies
  • Ability to independently own projects and balance competing priorities, whilst still effectively collaborating with colleagues
  • Experience with public cloud service providers (e.g. Amazon AWS, Google GCP, Microsoft Azure) and modern deployment technologies (e.g. CI/CD, Kubernetes, docker)
  • Proficiency in a modern scripting or programming language such as python (preferred), PowerShell, golang, or similar
  • Splunk Administrator or Architect Certification
  • Active US Security clearance, or eligibility and willingness to obtain a US Security clearance
Responsibilities
  • A Palantir Foundry cluster. We use our own software to integrate, process and monitor our data to achieve security outcomes. You'll have an opportunity to leverage it directly against some of the hardest problems we face
  • A multi-petabyte, distributed Splunk Enterprise cluster. We ingest 10+ terabytes of well-structured security telemetry per day and keep this data hot and searchable for years
  • A Splunk SOAR cluster. This provides centralized security automation, orchestration, and response capabilities for our security program, and helps our network defenders scale massively beyond their team size
  • Associated data and telemetry pipelines. We ingest data from hundreds of discrete sources to arm our network defenders. Keeping these data pipelines lean, healthy, secure, and timely is germane to our detection and investigation workflows
  • Work closely with DevOps to maintain, operate, and evolve a highly performant, large-scale Splunk Enterprise/SOAR cluster
  • Collaborate with other InfoSec teams to ensure data and telemetry collected is accurate, actionable, and provides significant security value
  • Develop, deploy, and monitor data pipelines to provide timely, complete, and accurate security data for network defenders
  • Directly support detection and investigation workflows through query development, dashboard creation, training, and new capability development
  • Ingest, enrich, transform, and analyze data in Palantir Foundry to provide meaningful security insights and improvements
Palantir

1,001-5,000 employees

Software for human-driven analysis of real-world data
Company mission
Palantir is committed to helping organizations get value out of their data while protecting sensitive information from misuse and abuse.
Benefits
  • Transparency
  • Take-What-You-Need Time Off Policy
  • Family Support
  • Community
  • Equity
  • Mental Health and Wellbeing
  • Healthcare