Responsibilities

We
are looking for a highly motivated engineer specializing in the vulnerability
management and endpoint security hardening space to help defend and protect
Tesla’s data, infrastructure, and products. This includes both Corporate and
Manufacturing/ICS systems. Other car companies have talked for years about a
future of “connected cars.” At Tesla, we make it happen. We regularly
send over-the-air software updates to our Model S, Model 3, Model X, and Model
Y fleet, seamlessly delivering new features and improvements to our customers.
Our mobile applications allow customers to interact with their cars via
real-time, low-latency two-way communication. We also build tools for our
internal sales, delivery, and service teams. We are building “a machine that
builds a machine”. To this end, information, endpoint, and product security is
of the utmost importance. The Endpoint Security & Vulnerability Management
Team is responsible for identifying, researching, prioritizing, remediating,
and mitigating vulnerabilities in the diverse Tesla corporate and manufacturing
infrastructure. As a Vulnerability Management Security Engineer, you will work
very closely with the Tesla Red Team, GSM (Global Supply Management), Incident
Response & Detection, and Tesla Manufacturing teams and act as a “bridge”
connecting InfoSec and other engineering teams. You will represent the InfoSec
vision and make sure new and existing vulnerabilities are remediated in a
timely manner across all managed endpoints. We are looking for a generalist,
who has experience in multiple interconnected disciplines related to system
hardening, patch management, application reviews, ICS security including
ICS/SCADA equipment including all major OEMs HMI, PLCs, and components, Windows,
macOS, and Linux operating systems, and network architectures.

Requirements

• Minimum 4 years of prior hands-on vulnerability management / application security /endpoint security experience
• Experience related to industrial control systems security is desirable.
• Good understanding of security architecture and experience managing and hardening of secure configurations of both Corporate and Industrial/Manufacturing systems and protocols
• Experience with vulnerability identification and prioritization in an enterprise setting
• Experience using scripting languages (Python or similar, PowerShell scripts, bash)
• Real world experience using at least one major SIEM system
• Experience with Splunk is a bonus
• Security Certifications (i.e. Security+, CISSP, CEH, SANS, etc.)