You are a great hacker.

Sr Security Engineer, Detection @ Tesla

Fremont, California, US | Posted 5 months ago


We are looking for a highly motivated Security Engineer specializing in monitoring and detection to defend Tesla’s data, infrastructure, and users.

Other car companies have talked for years about a future of "connected cars." At Tesla, we’re making it happen. We regularly send over-the-air updates to our fleet, seamlessly delivering new features and improvements to our customers. Our mobile applications allow customers to interact with their cars via real-time, low-latency two-way communication. We also build tools for our internal sales, delivery, and service teams. Today we remotely identify potential vehicle issues before a customer does—and often fix problems remotely too. To this end information and product security is of the utmost importance.

The Detection Team is responsible for detecting threats against our corporate, manufacturing, and production environments. As a Detection Engineer, you will defend Tesla by helping to build and run a comprehensive threat-detection program. You will improve data coverage, build and tune data aggregation, threat analysis, alerting systems, and detect threats at a massive scale.


  • Develop tooling and frameworks to detect sophisticated attacker techniques and detect them across Tesla’s diverse environments and endpoints.
  • Define, implement, and tune detection capabilities and data sources to rapidly detect and remediate malicious activity
  • Work with engineering and security teams to implement detection capabilities, develop and deploy new tooling, and improve response capabilities.
  • Analyze security data and report on threats and incidents across various platforms and environments.
  • Develop and use automation to improve identification and response time to reduce impact for incidents


  • BS/MS in Computer Science, Information Systems, Electrical Engineering, or the equivalent in experience and evidence of exceptional ability.
  • Excellent understanding and experience in multiple security domains such as intrusion detection, incident response, malware analysis, cloud security, and forensics.
  • Experience detecting abuse and large-scale attacks in a diverse environment.
  • Automation and development experience in Python, Go, Rust, C++, JavaScript, etc.
  • Experience in cloud environments (AWS preferred) and Linux containers and orchestration systems (Kubernetes preferred)
  • DevSecOps or security tooling experience.
  • Experience working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams, and law enforcement throughout the incident lifecycle.
  • Familiarity with the following detection-related disciplines with deep experience in one or more:
  • Large scale analysis of log data using tools such as Splunk or ELK.
  • Security automation using tools such as Phantom or Demisto.
  • File system, memory, or live detection on Windows, MacOS and Linux.
  • Analysis of network traffic from intrusion detection systems and flow monitoring systems.
  • Host detection tools such as auditd, osquery, SysMon, grr, etc.