Security Software Engineer

Описание вакансии

SpaceX was founded under the belief that a future where humanity is out exploring the stars is fundamentally more exciting than one where we are not. Today SpaceX is actively developing the technologies to make this possible, with the ultimate goal of enabling human life on Mars.

SECURITY SOFTWARE ENGINEER

SpaceX is looking for a Security Engineer to join the Security department to help protect and drive the SpaceX mission. Information drives our business and we must protect the confidentiality, integrity, and availability of systems and processes across the enterprise. As a highly visible and dynamic organization, we must also value and guard against damage to our reputation and brand. Finally, it is paramount that we defend against loss of control or confidence in our systems, to guarantee the highest probability of success. This role will focus on the "behind the scenes" technologies that ensure our networks and systems are up to industry and SpaceX standards of information security. It will also focus on providing high-criticality and high-risk services, with the confidentiality, integrity, and availability of those services in mind. This role will partner with various application development and customer groups across SpaceX to ensure that we are identifying and remediating any emerging vulnerabilities.

RESPONSIBILITIES:

Design, build, and maintain technology solutions and systems that provide security for SpaceX systems, networks, and data. This can include:

• Authentication and identity services, including multi-factor solutions, network access control identity servers, and related authentication and authorization technologies.
• Identity lifecycle management services and automation. Build and maintain scripts and automation that support the information security mission across SpaceX, to be utilized by information security teammates and other partner organizations.
• Network security systems and the backend infrastructure that powers such services.
• Application level security controls (e.g. web application firewalls).
• Cloud deployments security policy enforcement, centralized configuration management, monitoring, etc.
• Serve as the subject matter expert (SME) for those solutions, maintaining documentation on them and advising others on their underlying technologies and operation.
• Work with security and IT teams to identify threats and problem areas, using that feedback to further strengthen tools and technologies. Materialize this as improvements which result in stronger and safer software and application deployments across SpaceX, measuring in decreased risk and prevalence of issues.
• Create solutions that are scalable, repeatable, maintainable, and secure.
• Work collaboratively with other teams, including individuals in information security, physical security, information technology, human resources, legal, software, and others.

BASIC QUALIFICATIONS:

• Bachelor's degree in computer science or another STEM discipline; OR 2+ years of professional experience in security software development in lieu of a degree
• Experience with the Python programming language, GO, C#, or Rust
• Experience designing and implementing security solutions for operating systems, distributed systems, or other enterprise/large-scale infrastructure

PREFERRED SKILLS AND EXPERIENCE:

• Experience with secure code development practices
• Experience with Linux, Windows, and Mac system internals
• Proficient experience with the Python programming language, GO, C#, or Rust
• Strong knowledge of public key infrastructure (PKI) environments and related technologies
• Experience with SAML, OIDC, and OAuth
• Experience working with special purpose security hardware such as Trusted Platform Modules (TPMs) and Hardware Security Modules (HSMs)
• Fundamental understanding of network protocols; including the TCP/IP stack as well as UDP based protocols
• Experienced in navigating large, complex, interactive systems
• Familiarity with developing web-based APIs, HTTP-RPC, and REST
• Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems
• Effective problem-solving skills, and ability to quickly determine root-causes of issues
• Familiarity with macOS and Windows code-signing and deployment of enterprise applications

ADDITIONAL REQUIREMENTS:

• Must be willing to work extended hours and/or weekends as needed
• This role requires you to be onsite. Hybrid or remote work will not be considered

ITAR REQUIREMENTS:

• To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR here.

SpaceX is an Equal Opportunity Employer; employment with SpaceX is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

Applicants wishing to view a copy of SpaceX’s Affirmative Action Plan for veterans and individuals with disabilities, or applicants requiring reasonable accommodation to the application/interview process should reach out to EEOCompliance@spacex.com.