Tesla
Cybersecurity Auditor
Tesla, Austin, Texas, us, 78716
The Internal Audit team's mission is to call attention to risks and drive actions to address those risks to protect Tesla. The team partners with IT, Engineering, and Information Security/Privacy groups to identify areas of risk and make valuable recommendations on standardization of processes and controls.
Tesla is seeking an experienced Cybersecurity Auditor to plan, execute, lead, and report on operational, information security, and technical transformation audits. This position is responsible for leading complex activities associated with completing technical security assessments (audits), as well as performing other short-term projects to provide recommendations on standardizing controls within corporate, product, and manufacturing IT environments.
Responsibilities
Lead in-depth cybersecurity audits, evaluating network security, firewalls, IDS/IPS, ZIA/ZTA,endpoint security controlsInteract extensively with IT, InfoSec, and Engineering teams and be comfortable executing projects in areas of product security, data security, vulnerability management, end point security, and/or network securityConduct vulnerability assessments and penetration testing (controls stress test), identifying and addressing security gaps in applications, and cloud/hosted infrastructureEvaluate the effectiveness of cybersecurity monitoring and incident response practices, including SIEM, threat intelligence, and forensic capabilitiesAssess identity and access management (IAM) systems to measure the effective role-based access control (RBAC), authentication, and privileged access management (PAM) controlsCollaborate with cybersecurity and engineering functions to ensure audit findings drive improvements in security posture and threat detection capabilities for Tesla products and servicesRequirements
6+ years of years of demonstrated real world experience performing technical security assessments and/or penetration testingStrong understanding of cybersecurity frameworks (NIST, ISO 27001), compliance standards, and advanced attack vectorsAbility to conduct and lead penetration testing audits, vulnerability and/or threat assessments, and present risks to technical and non-technical stakeholdersProficiency in any of the following: PowerShell Empire, SPLUNK, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, Exploit DevKnowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open-source exfiltration techniquesBachelor's Degree in MIS or equivalent experienceAt least one professional certification required such as CISSP, GPEN, OSCP or other applicable professional certificationCompensation and BenefitsBenefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deductionFamily-building, fertility, adoption and surrogacy benefitsDental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contributionCompany Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSAHealthcare and Dependent Care Flexible Spending Accounts (FSA)LGBTQ+ care concierge services401(k) with employer match, Employee Stock Purchase Plans, and other financial benefitsCompany paid Basic Life, AD&D, short-term and long-term disability insuranceEmployee Assistance ProgramSick and Vacation time (Flex time for salary positions), and Paid HolidaysBack-up childcare and parenting support resourcesVoluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insuranceWeight Loss and Tobacco Cessation ProgramsTesla Babies programCommuter benefitsEmployee discounts and perks program
Tesla is seeking an experienced Cybersecurity Auditor to plan, execute, lead, and report on operational, information security, and technical transformation audits. This position is responsible for leading complex activities associated with completing technical security assessments (audits), as well as performing other short-term projects to provide recommendations on standardizing controls within corporate, product, and manufacturing IT environments.
Responsibilities
Lead in-depth cybersecurity audits, evaluating network security, firewalls, IDS/IPS, ZIA/ZTA,endpoint security controlsInteract extensively with IT, InfoSec, and Engineering teams and be comfortable executing projects in areas of product security, data security, vulnerability management, end point security, and/or network securityConduct vulnerability assessments and penetration testing (controls stress test), identifying and addressing security gaps in applications, and cloud/hosted infrastructureEvaluate the effectiveness of cybersecurity monitoring and incident response practices, including SIEM, threat intelligence, and forensic capabilitiesAssess identity and access management (IAM) systems to measure the effective role-based access control (RBAC), authentication, and privileged access management (PAM) controlsCollaborate with cybersecurity and engineering functions to ensure audit findings drive improvements in security posture and threat detection capabilities for Tesla products and servicesRequirements
6+ years of years of demonstrated real world experience performing technical security assessments and/or penetration testingStrong understanding of cybersecurity frameworks (NIST, ISO 27001), compliance standards, and advanced attack vectorsAbility to conduct and lead penetration testing audits, vulnerability and/or threat assessments, and present risks to technical and non-technical stakeholdersProficiency in any of the following: PowerShell Empire, SPLUNK, Metasploit Framework, Cobalt Strike, Burp Suite, Canvas, Kali Linux, IPTables, Sysinternals, A/V evasion methodologies, Exploit DevKnowledge of exploitation concepts including phishing and social engineering tactics, buffer overflows, fuzzing, SQLi, MiTM, covert channels, secure tunneling and open-source exfiltration techniquesBachelor's Degree in MIS or equivalent experienceAt least one professional certification required such as CISSP, GPEN, OSCP or other applicable professional certificationCompensation and BenefitsBenefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deductionFamily-building, fertility, adoption and surrogacy benefitsDental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contributionCompany Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSAHealthcare and Dependent Care Flexible Spending Accounts (FSA)LGBTQ+ care concierge services401(k) with employer match, Employee Stock Purchase Plans, and other financial benefitsCompany paid Basic Life, AD&D, short-term and long-term disability insuranceEmployee Assistance ProgramSick and Vacation time (Flex time for salary positions), and Paid HolidaysBack-up childcare and parenting support resourcesVoluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insuranceWeight Loss and Tobacco Cessation ProgramsTesla Babies programCommuter benefitsEmployee discounts and perks program