Tesla operates huge, vertically integrated factories across three continents and a global Supercharger network. The Security Operations & Response Team is responsible for 24/7 monitoring, incident response, threat detection, and mitigation across this global enterprise. The team uses advanced security and intelligence systems to promptly identify and respond to incidents, conduct thorough investigations, and mitigate potential risks or damages.
As a Detection Engineer specializing in security detection & incident response, you will:
- Define, implement, and tune detection capabilities to detect & remediate malicious activity
- Continually improve & create detection tools, craft high-fidelity signaling, remove noise, and reduce manual investigative efforts
- Collaborate with business teams to identify, craft and implement custom workflow detection strategies
- Analyze adversarial techniques and develop detection approaches across diverse environments
- Engage with Engineering teams to implement sensors and tools to improve response capabilities
- Collaborate with Incident Response and Security Operations during investigations and incidents
- Develop custom tooling to improve and accelerate analysis during investigations
- Analyze and interpret complex log data to identify relevant information
Your work will scale across Tesla's world-class supercomputing, AI/ML, manufacturing 5G/OT, Solar OT, and enterprise IT environments. You'll be at the forefront of developing groundbreaking solutions, pushing boundaries, and driving real-world impact in security detection and incident response.
Required skills and experience:
- Proficiency in Detection Engineering, Incident Response, Security Operations, DFIR, Security DevOps, SecOps, or Security Product Development
- Experience with detection & response technologies (SIEM, EDR, CNAPP, NDR, NIDS/NIPS, SIGMA, YARA), security automation (SOAR) tools, IT automation, and/or custom automation methods
- Experience working with/in Linux containers & orchestration systems (Kubernetes) and cloud environments (AWS)
- Critical thinking, problem-solving & investigative mindset
- Ability to operate at scale and adapt to change in complex and diverse environments
Preferred skills:
- Familiarity with security event correlation, data visualization, graphing, timelines, trending, behavioral analytics and/or anomaly detection
- Experience utilizing machine learning models to detect anomalies and predict potential issues
Join Tesla's Security Operations & Response Team to make a significant impact on global cybersecurity in a fast-paced, innovative environment.