This position will support the Tesla Global Security team by automating multiple tasks to increase efficiency and accuracy. As part of the Global Security team you will be aiding in investigating incidents that occur within Tesla’s corporate environment. The person in this position will be responsible for analyzing existing technical tasks performed by investigators and building tools to automate those tasks. This will require identifying areas where efficiencies can be gained, understanding the existing process, and writing code/building tools that will automate the tasks. Example automation tasks may include: Investigating manual processes which process data, determining how the data originates and arrives at its destination, documenting and possibly recommending changes to the process, and building a utility to automate the importation of all of this data into a security tool via an API. Automate the gathering of data from security tools through a variety of methods including screen-scraping, and building automated reporting using that data.
Investigating manual processes which process data, determining how the data originates and arrives at its destination, documenting and possibly recommending changes to the process, and building a utility to automate the importation of all of this data into a security tool via an API.
Gathering data from security tools through a variety of methods including screen-scraping, and building automated reporting using that data.
Work with software engineers to develop and implement a web-based tool to query security appliances and provide on-demand system status.
Work with investigators to determine areas of data collection that can be automated and distilled.
Coordinate with production information security and information technology teams to deploy solutions and ensure corporate requirements are met.
2+ years of experience developing with a scripting language (Python, Perl, JS, etc)
2+ years of experience with shell scripting in PowerShell, bash
2+ years of experience working on networking and/or cybersecurity projects is preferred, but not required
BA/BS in Computer Science, Computer Engineering, or related field is preferred, but not required
A pulse on the tools, tactics and procedures the bad guys are using today and what they'll be using tomorrow.
Experience in securing three or more of the following:
Cloud Security – AWS/Azure
System Security - MacOS\Linux\Windows
Application Security - OWASP Web Vulnerabilities
Network Security – Cisco, Juniper, F5
Malware Analysis & Forensics
Tools of the trade including RegEx, YARA, Maltego, CRITS, MISP
SIEM\Log Aggregation\Data Analytics - Splunk\ELK
Strong project management skills with the ability to multi-task
Strong written and verbal communication skills
Ability to de-escalate high-pressure situations, synthesize the big picture and be able to rapidly\accurately communicate with both technical and non-technical stakeholders
Passionate about supporting, leading and mentoring team with a track record of building highly effective teams
Network security and core protocols such as TCP/IP, UDP, etc.
API architecture, creation, documentation, and development
Advanced security concepts, architecture, operations, and tools
Maintaining application security based on OWASP best practices
Various server and desktop operating systems
Understanding of software development life-cycle (design, develop, implementation, testing)
Ability to analyze problems to determine technical solutions
Experience with Qualysguard or other vulnerability/policy compliance scanning platforms
Working knowledge of Git or other source code repositories
Familiarity with container based APIs including OpenShift, Docker, or Kubernetes
NoSQL database experience — from schema design, indexing, querying, and performance tuning, to replication, sharding, and ensuring high availability
Ability to maintain the highest level of confidentiality
Interest in continuous learning and a passion for security
Tesla participates in the E-Verify Program