Security Engineer, Blue Team

About SpaceX

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

The Role: Security Engineer, Blue Team

SpaceX is targeted by sophisticated adversaries determined to disrupt or obtain the cutting-edge technology it develops. SpaceX is hiring a Security Engineer, Blue Team to join the security operations team to build the capabilities needed to detect and respond to these adversaries. The environment in which you will operate is used to launch rockets and control spacecraft. You will be tasked with developing the tooling and data delivery mechanisms the security operations team will use to catch these threat actors in this environment before they can disrupt or deny SpaceX’s mission.

Your output will be developing solutions to address visibility gaps while bolstering the resilience of internally developed tooling to ensure maximum uptime for detecting threats. Your work may involve creating automation workflows to drive down time to triage security detections, developing a service to pull in new datasets or enrich existing ones, and finally helping the SOC respond and address visibility gaps from an incident. If you are interested in detecting and disrupting sophisticated threat actors in order to secure SpaceX’s mission to Mars, let’s talk!

Responsibilities

• Build and improve existing security detection mechanisms and automation frameworks that directly drive what the Security Operations Center detects.
• Engage with relevant owners of high-risk systems and services to identify and prioritize detection gaps.
• Investigate anomalous or suspicious behavior in the environment as it is identified in the detection engineering process.
• Participate in adversary emulation activities to identify detection gaps in the environment.

Basic Qualifications

• 2+ years of professional experience in incident response, security operations, or security engineering role in lieu of a degree; OR a bachelor’s degree in security engineering, computer science, cyber security, engineering, math, or other STEM discipline.
• Experience with any modern programming language (including but not limited to Python, Go, C++, Rust).

Preferred Skills and Experience

• Experience performing Incident Response related tasks or being a part of a role directly contributing to a CSIRT team.
• Experience building Extract, Transform, and Load (ETL) pipelines from diverse systems to optimize logging formats for threat detection.
• Demonstrated ability to support and manage services in a Kubernetes (k8s) environment, ensuring high availability and reliability through monitoring, alerting, and infrastructure automation.
• Knowledge of traditional Security Operations environments and response procedures, including modern security information and event management (SIEM) systems.
• Knowledge of common Red Team and Adversarial attack trends and techniques, and the evidence sources needed to investigate.
• Knowledge of common attack trends or techniques, and the evidence sources needed to investigate.
• Familiarity with enterprise security controls and best practices for Windows, Linux, and/or macOS systems.

Additional Requirements

• Must be able to work extended hours and weekends as needed.
• This role requires you to be onsite. Remote or hybrid work will NOT be considered.

Key skills/competency

• Security Operations
• Incident Response
• Threat Detection
• Automation
• Cyber Security
• Programming (Python, Go, C++, Rust)
• Kubernetes (k8s)
• SIEM
• ETL Pipelines
• Adversary Emulation