The Role We are looking for a highly motivated security professional specializing in security monitoring, detection, and incident response to join the global security operations team to protect Tesla’s information, infrastructure and products. It’s fun to work in a company where employees BELIEVE in what they’re doing! The Security Operations Center (SOC) is at the frontline of Tesla multilayered defense and is responsible for detecting and responding to threats against our corporate, manufacturing and production environments. As a SOC Analyst, you will protect Tesla by acting as the primary line of defense by identifying, analyzing and remediating threats in our environment. You will be involved in investigating and responding to SIEM alerts and active attacks, user security-related questions/reports, incident response (war room, remote bridges), and on-going maintenance, tuning, and improvements of the detection signals.
Minimum Education Level: Bachelor's
- Experience performing security monitoring and incident response duties in a SOC environment
- Ability to quickly triage multiple security incidents and assign the right priority based on risk and confidence levels
- Good understanding of the common network security concepts including TCP/IP protocol stack, HTTP/HTTPS, TLS, WAF, VPN
- Good understanding and real-life experience responding to the common types of attacks such as DDoS, credentials stuffing, phishing/spam, adware/malware, attacks against Windows/Active directory environments, attacks against public cloud infrastructure (AWS)
- Security automation experience using tools such as Phantom or Demisto (SOAR, runbooks) is desirable.
- Familiarity and good understanding of various IT and security areas such as systems administration, antivirus/EDR protection, intrusion detection, incident response, phishing, application security, network security, credentials stuffing, forensics
- Real world experience using at least one major SIEM system. Experience with Splunk and Splunk ES is a bonus
- Experience using scripting languages (Python or similar, PowerShell scripts, bash) is a plus
- Security Certifications (i.e. Security+, CISSP, CEH, SANS, etc.) is also a plus Prior experience in a 24x7x365 IT/security operations environment with incident tracking/handover between different geographic regions