What to Expect
At Tesla, we're revolutionizing transportation, energy generation, energy storage, self-driving technology, AI hardware, and software, pushing the limits of what's possible. As part of the Infrastructure & Platform Security Engineering team within our Information Security organization, you'll play a pivotal role in safeguarding our global on-premises data centers and public cloud environments. This includes securing the AI platforms that fuel our groundbreaking AI initiatives. We're seeking a Senior Security Engineer to elevate our vulnerability management program, collaborating with cross-functional teams to identify, assess, prioritize, and remediate vulnerabilities across public and private clouds, Kubernetes clusters, and AI systems. You'll drive security reviews, risk analyses, and solution designs, ensuring our infrastructure remains resilient against evolving threats in a fast-paced, innovative ecosystem.
What You'll Do
- Oversee scanning and assessment activities in a diverse tech landscape, leveraging tools and techniques to identify and prioritize vulnerabilities. Automate scanning, assessment, and reporting processes to boost efficiency, scalability, and proactive threat mitigation
- Analyze vulnerability root causes, partner with cross-functional teams to prioritize and execute remediation strategies, and track progress to ensure swift resolution, minimizing risks to Tesla's mission-critical systems
- Assess the impact of new threats and vulnerabilities, determining priorities and implementing remediations to stay ahead of potential exploits
- Develop and manage tools that embed security vulnerability detection early in the development lifecycle, fostering a culture of secure-by-design innovation
- Work with Security Operations, Detection, and Incident Response teams to create detection signals, incident response playbooks, and supporting tooling, enhancing our overall defensive posture
- Conduct threat modeling, risk assessments, and attack vector identification. Manage third-party and supply chain risks by evaluating vulnerabilities in vendor software and external dependencies, then devising effective mitigation strategies
- Create and maintain vulnerability management metrics and dashboards, tracking key indicators like mean time to remediate (MTTR), vulnerability aging, and overall risk exposure to inform strategic decisions
- Integrate vulnerability management with audit requirements, perform regular compliance scans, and prepare evidence for internal and external audits, aligning with standards to uphold Tesla's commitment to excellence
- Monitor sources such as CVE databases, MITRE ATT&CK, and vendor advisories to proactively assess and prioritize vulnerabilities based on exploitability and relevance to Tesla's operations
- Research and recommend new vulnerability management tools, technologies, or vendors to advance program maturity and address emerging threats, including supply chain vulnerabilities
What You'll Bring
- Degree in Computer Science, Information Security, or a related field (or equivalent experience with demonstrated exceptional ability). At least 5+ years in a security team, with a proven track record in vulnerability management, including leading scanning, remediation, and automation efforts
- In-depth knowledge of Linux security, defense-in-depth principles, and frameworks like STIG, MITRE ATT&CK, and NIST SP 800-53
- Strong experience with vulnerability scanning and assessment tools (e.g., Wiz, Tenable, CrowdStrike, or equivalents)
- Proficiency in at least one programming or scripting language (e.g., Python, Go, or Java), plus familiarity with GitOps principles and automation tools (e.g., Terraform or Ansible)
- Solid understanding of SIEM tools (e.g., Splunk, ELK Stack, or Microsoft Sentinel) for monitoring, reporting, and integrating vulnerability data
- Familiarity with sources like CVE databases and vendor advisories, along with risk assessment methodologies to prioritize vulnerabilities based on exploitability and business impact
- Outstanding communication and collaboration abilities, with experience presenting technical findings, metrics, and recommendations to cross-functional teams and executive leadership, driving alignment in a dynamic environment
Compensation and Benefits
Benefits
Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:
- Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deduction
- Family-building, fertility, adoption and surrogacy benefits
- Dental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contribution
- Company Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSA
- Healthcare and Dependent Care Flexible Spending Accounts (FSA)
- 401(k) with employer match, Employee Stock Purchase Plans, and other financial benefits
- Company paid Basic Life, AD&D, short-term and long-term disability insurance
- Employee Assistance Program
- Sick and Vacation time (Flex time for salary positions), and Paid Holidays
- Back-up childcare and parenting support resources
- Voluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insurance
- Weight Loss and Tobacco Cessation Programs
- Tesla Babies program
- Commuter benefits
- Employee discounts and perks program