Description
As an Application Security Engineer at Palantir, you will be hands-on and have wide-ranging impact for the security of Palantir. Your responsibilities will include performing full-scope security reviews of our current and future product and service portfolio, working with offensive security teams, engineering teams, and other members of the InfoSec organization to harden our products against our dedicated adversaries.
You will be the security subject matter expert for product architects and engineers, threat modelling, assessing risks, and helping implement security controls and mitigations to address identified issues. You will directly steer the design of our products to ensure we are secure-by-default.
You will be empowered to own transformational security initiatives that impact the whole company, such as implementing software supply chain security controls, developing new security services, implementing security automation, or working on massive-scale security problems.
You will be responsible for finding new and novel ways to identify and resolve security vulnerabilities in our products, including static and dynamic code analysis, security scanning, investigation of security reports from InfoSec, our bug bounty program, or other trusted partners, and direct work with our incident response team on product security issues and incidents.
This role has wide-reaching impact, strong autonomy, and the resources and empowerment to make significant security improvements across all Palantir. The skills and background of successful candidates may vary highly, but curiosity, tenacity, and a drive to be a world-class security engineer are the underpinnings of our team.
Core Responsibilities
- Perform deep architecture and security reviews on highly complex products to identify vulnerabilities
- Lead engineering teams in feature design, threat modelling, and security-critical code and architecture
- Develop and implement automation to eliminate entire classes of weaknesses across the organisation
- Drive decision-making by determining the trade-offs between security and product design
- Lead implementation of strategic security initiatives that improve security across Palantir
What We Value
- Self-motivated, experience in solving complex problems
- History and experience designing and shipping production-ready software
- Strong communication and collaboration skills who feels comfortable working closely with engineering teams
- Ability to learn and apply new technologies quickly and in complex deployments
What We Require
- Development or software engineering experience and a deep passion for information security
- Experience with a modern high-level programming language (e.g. Java, Golang, Javascript, Python, etc.)
- Demonstrated experience evaluating code for vulnerabilities and weaknesses
- Experience with complex architectures and codebases (e.g. SOA or micro-services)
- Experience utilising/with CodeQL or other static code analysis platforms
- Experience performing black-box testing of web applications
Additional Information
- Estimated salary range for this position is $135,000 - $200,000/year
- Total compensation for this position may also include Restricted Stock units, sign-on bonus and other potential future incentives
- Benefits include medical, dental, and vision insurance, commuter benefits, paid time off, 10 paid holidays, supportive leave of absence program, paid leave for new parents, fertility and family building benefits, and stipend to help with expenses that come with a new child
- Application deadline is ongoing
- Life at Palantir focuses on promoting health and well-being across all areas of Palantirians' lives, with benefits and perks designed to support employees' physical, mental, and financial well-being
- Palantir encourages employees to work from their offices to foster connectivity and innovation, with many teams offering hybrid options (WFH a day or two a week)
- Some roles allow for remote work on an exceptional basis, but this is subject to business need and requires working from the state in which you are employed