Web Engineer, Global Security
In this role you will be working with a team of top investigators with Tesla's Global Security team to support investigations into threats from internal sources to Tesla facilities and property around the globe. This role requires a wide range of knowledge into web infrastructure including standing up non-attributable web services, VPN infrastructure, minor web development and testing web application security.
- Acquire and configure web infrastructure for hosting applications and storage to support investigative efforts
- Act as SME to stakeholders on issues regarding web infrastracuture
- Assist information security and information technology teams when required for investigative issues
- Configure and secure non-attributable infrastructure in support of investigations
- Review logs from internal and external infrastructure for signs of compromise and misuse when required.
- Work with software engineers to help implement hosted applications and cloud infrastructure
- Act as the liaison on security issues regarding web applications with internal teams
- Bachelor degree in Computer Science or a related field, or an equivalent combination of education, training, and/or experience related to this position
- Good understanding of application security standards, frameworks, attack methods, and mitigation best practices (e.g., OWASP, SANS, NIST)
- Familiarity with application security tools such as scanners, fuzzers, proxies, and scrapers
- Ability to write scripts using bash, PowerShell, Python, Perl, etc.
- Ability to install and configure VPNs, VPS, S3, Docker containers, Apache, etc.
- Expert knowledge of web protocols and how they work (TCP, IP, IGRP, DNS, FTP, etc)
- Ability to translate technical details for all audiences
- Technical writing and documentation skills
- Excellent written and verbal communications skills
- Understanding of complex project timelines
- At least 2 years of experience standing up web infrastructure
- At least 3 years of IT experience, with at least one year in IT Security
- Demonstrated experience working with security appliances and cloud infrastructure such as AWS, Azure, Akamai, Sucuri, Imperva, Cisco, Juniper.
- CISSP and/or relevant SANS certifications
- Ability to de-escalate high-pressure situations, synthesize the big picture and be able to rapidly\accurately communicate with both technical and non-technical stakeholders