Tesla
Sr. Endpoint Security Management Engineer
Tesla, Austin, Texas, us, 78716
We are looking for a highly motivated Senior Engineer specializing in the Endpoint Security hardening and strategic development space to help defend and protect Tesla's data, infrastructure, and products. This includes both Corporate and Manufacturing/ICS systems. Other car companies have talked for years about a future of "connected cars." At Tesla, we make it happen. We regularly send over-the-air software updates to our Model S, Model 3, Model X, and Model Y fleet, seamlessly delivering new features and improvements to our customers. Our mobile applications allow customers to interact with their cars via real-time, low-latency two-way communication. We also build tools for our internal sales, delivery, and service teams. We are building "a machine that builds a machine". To this end, information, endpoint, and product security is of the utmost importance. The Endpoint Security Team is responsible for curating, deploying, and managing industry-standard security policies to Tesla's managed fleet of endpoints (Windows) in Tesla Corporate, Retail, and Manufacturing environments. As an Endpoint Security Engineer, you will work very closely with the Vulnerability Management, Desktop Engineering, Incident Response & Detection, and Tesla Manufacturing teams and act as a "bridge" connecting InfoSec and other Security Engineering teams. You will represent the InfoSec team's vision and mission while making sure all new and existing security policies are continuously reviewed and enforced across all managed devices. We are looking for an Engineer with specialized knowledge and experience with managing security policy and principals across a large enterprise that reflect a security-first perspective to ensure the most secure, yet usable, computing environment.
Responsibilities
Operate as the resident expert for all Windows-based endpoints as it relates to defining, deploying, and reporting on enterprise-level security policy to support our fast-growing user base while maintaining and supporting business critical systems and organizational unitsReviews existing security policy on a regular basis to ensure that standards are inline and/or exceeding industry standard best practices according to published frameworks/benchmarks (NIST/CIS)Expert level knowledge of managing and creating endpoint protection solutions' configurations, metrics, and operational support including, but not limited to, supporting architectural changes, tool and package deployments, and advanced policy development and deploymentProvide guidance on architectural analysis, design, and support for endpoint security systems and ongoing compliance initiatives to drive a security-first frameworkManage policies and software deployments for endpoint security solutions in conjunction with our Desktop Engineering team for holistic coverageDesign, implement, and track month-over-month KPIs and KCIs on the health of all endpoint security solutionsAdminister policy configurations for endpoint security controls (ex. secure configuration qualification) and perform end-to-end Endpoint Protection architecture assessments and security reviewsCreate and maintain Standard Operating Procedures (SOPs) related to operational tasks for endpoint security managementAssist with advanced security incident response and detection activities when required, troubleshoot complex enterprise workstation and server environmentsDetailed knowledge in system security architecture and security solutions and proficient understanding of IT infrastructure, security, & NGAV + ZTNA policies/exclusions/rules, etc.Requirements
Minimum 5 years of prior hands-on endpoint security / cybersecurity experienceExperience with Enterprise Endpoint Security solutions such as Sentinel One/Trend Micro/Crowdstrike/Microsoft Defender ATP, etc.Experience with Zero Trust Network Access solutions such as Zscaler, Akamai, Palo Alto Networks, etc.Experience in a fast-paced, enterprise environment is a bonusExperience related to industrial control systems security is desirableGood understanding of security architecture and experience managing and hardening of secure configurations of both Enterprise and Industrial/Manufacturing systems and protocolsExperience with vulnerability identification and prioritization in an enterprise settingKnowledge of the NIST Risk Management FrameworkReal world experience using at least one major SIEM systemCompensation and BenefitsBenefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deductionFamily-building, fertility, adoption and surrogacy benefitsDental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contributionCompany Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSAHealthcare and Dependent Care Flexible Spending Accounts (FSA)LGBTQ+ care concierge services401(k) with employer match, Employee Stock Purchase Plans, and other financial benefitsCompany paid Basic Life, AD&D, short-term and long-term disability insuranceEmployee Assistance ProgramSick and Vacation time (Flex time for salary positions), and Paid HolidaysBack-up childcare and parenting support resourcesVoluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insuranceWeight Loss and Tobacco Cessation ProgramsTesla Babies programCommuter benefitsEmployee discounts and perks program
Responsibilities
Operate as the resident expert for all Windows-based endpoints as it relates to defining, deploying, and reporting on enterprise-level security policy to support our fast-growing user base while maintaining and supporting business critical systems and organizational unitsReviews existing security policy on a regular basis to ensure that standards are inline and/or exceeding industry standard best practices according to published frameworks/benchmarks (NIST/CIS)Expert level knowledge of managing and creating endpoint protection solutions' configurations, metrics, and operational support including, but not limited to, supporting architectural changes, tool and package deployments, and advanced policy development and deploymentProvide guidance on architectural analysis, design, and support for endpoint security systems and ongoing compliance initiatives to drive a security-first frameworkManage policies and software deployments for endpoint security solutions in conjunction with our Desktop Engineering team for holistic coverageDesign, implement, and track month-over-month KPIs and KCIs on the health of all endpoint security solutionsAdminister policy configurations for endpoint security controls (ex. secure configuration qualification) and perform end-to-end Endpoint Protection architecture assessments and security reviewsCreate and maintain Standard Operating Procedures (SOPs) related to operational tasks for endpoint security managementAssist with advanced security incident response and detection activities when required, troubleshoot complex enterprise workstation and server environmentsDetailed knowledge in system security architecture and security solutions and proficient understanding of IT infrastructure, security, & NGAV + ZTNA policies/exclusions/rules, etc.Requirements
Minimum 5 years of prior hands-on endpoint security / cybersecurity experienceExperience with Enterprise Endpoint Security solutions such as Sentinel One/Trend Micro/Crowdstrike/Microsoft Defender ATP, etc.Experience with Zero Trust Network Access solutions such as Zscaler, Akamai, Palo Alto Networks, etc.Experience in a fast-paced, enterprise environment is a bonusExperience related to industrial control systems security is desirableGood understanding of security architecture and experience managing and hardening of secure configurations of both Enterprise and Industrial/Manufacturing systems and protocolsExperience with vulnerability identification and prioritization in an enterprise settingKnowledge of the NIST Risk Management FrameworkReal world experience using at least one major SIEM systemCompensation and BenefitsBenefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deductionFamily-building, fertility, adoption and surrogacy benefitsDental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contributionCompany Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSAHealthcare and Dependent Care Flexible Spending Accounts (FSA)LGBTQ+ care concierge services401(k) with employer match, Employee Stock Purchase Plans, and other financial benefitsCompany paid Basic Life, AD&D, short-term and long-term disability insuranceEmployee Assistance ProgramSick and Vacation time (Flex time for salary positions), and Paid HolidaysBack-up childcare and parenting support resourcesVoluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insuranceWeight Loss and Tobacco Cessation ProgramsTesla Babies programCommuter benefitsEmployee discounts and perks program