Product Infrastructure Security Engineer

Palantir builds the world’s leading software for data-driven decisions and operations. By bringing the right data to the people who need it, our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more.

Our products support some of the most important and impactful work in the world, including defense, intelligence, and commercial applications. We are trusted by our customers to protect their mission-critical information in the face of advanced persistent threats. The mission of the Product Security Team is to enable Palantir’s product engineering organizations to build, ship, and operate the most secure and resilient products and infrastructure possible. We partner deeply with engineering teams across the company — from product engineers to forward deployed engineers — to embed security at every layer of what we build. Given the mission critical work that Palantir does, investments in product security have never been more important.

As a Product Infrastructure Security Engineer, you will be hands-on and have wide-ranging impact for the security of Palantir:

• Product security reviews. You will perform full-scope security reviews of our current and future product and service portfolio. You will work with offensive security teams, engineering teams, and other members of the InfoSec organization to harden our products against our dedicated adversaries.
• Architecture and design. You will be the security subject matter expert for product architects and engineers. You will threat model, assess risks, and help implement security controls and mitigations to address identified issues. You will directly steer the design of our products to ensure we are secure-by-default.
• Strategic security initiatives. You will be empowered to own transformational security initiatives that have broad impact across Palantir's most critical platforms. Members of the Product Infrastructure Security Team work directly to secure Palantir's core products, including AIP, Foundry, Gotham, and Mission Manager.
• Vulnerability identification and analysis. You will be responsible for finding new and novel ways to identify and resolve security vulnerabilities in our product infrastructure. This includes posture analysis and management, infrastructure vulnerability scanning, investigation of security reports, and direct work with our incident response team on product security issues and incidents.

This role has wide-reaching impact, strong autonomy, and the resources and empowerment to make significant security improvements across all Palantir. The skills and background of successful candidates may vary highly, but curiosity, tenacity, and a drive to be a world-class security engineer are the underpinnings of our team.

Perform deep architecture and security reviews on highly complex platform architecture to identify vulnerabilities

Lead engineering teams in feature design, threat modeling, and security-critical control implementation

Develop and implement automation to enforce security baselines and eliminate entire classes of infrastructure weaknesses across the organization

Drive decision-making by determining the tradeoffs between security and product design

Lead implementation of strategic security initiatives that improve security across Palantir

Self motivated, experience in solving complex problems

History and experience designing and operating production-grade infrastructure and platform services

Strong communication and collaboration skills; comfort working with engineering teams across verticals

Ability to learn and apply new technologies quickly and in complex deployments

Platform engineering experience operating Kubernetes and/or building controllers, and a deep passion for information security

Experience with a modern high-level programming language (e.g. Java, Golang, Javascript, Python, etc.)

Experience with complex or distributed platform architectures

Experience security testing or hardening Kubernetes based platforms

Experience evaluating Cloud, Linux, and Kubernetes configurations for vulnerabilities and weaknesses