Information Security Engineer Endpoint
Share
Job Location:
New York City, NY - USA
Yearly Salary:
$ 145000 - 200000
Posted on:
3 days ago
Vacancies:
1 Vacancy
Job Summary
A World-Changing Company
Palantir builds the worlds leading software for data-driven decisions and operations. By bringing the right data to the people who need it our platforms empower our partners to develop lifesaving drugs forecast supply chain disruptions locate missing children and more.
The Role
Were looking for someone who has spent years thinking adversarially about Windows and Active Directory not just operating them but understanding every layer of how they can be abused detected and hardened. If youve written detections for DCSync built hunting pipelines around Kerberos ticket anomalies or reverse-engineered a novel persistence mechanism in a Windows kernel driver this is the team you want to be on.
As an Information Security Engineer focused on Windows and Active Directory youll own the security of Palantirs global Windows infrastructure. Your team runs 24/7 prevention detection and investigation of security events across our entire environment. The adversaries we face are sophisticated. We need someone who is more so.
As an Information Security Engineer focused on Windows and Active Directory youll own the security of Palantirs global Windows infrastructure. Your team runs 24/7 prevention detection and investigation of security events across our entire environment. The adversaries we face are sophisticated. We need someone who is more so.
Core Responsibilities
- Own the security posture of Palantirs Windows and Active Directory estate hardening configuration standards and ongoing validation that those standards hold.
- Reduce attack surface across AD: audit and remediate misconfigurations legacy protocol exposure excessive privilege Kerberos delegation abuse and tier model violations.
- Evaluate deploy and own the configuration of defensive tooling across the Windows environment: EDR PAM identity threat detection and endpoint hardening controls.
- Build and maintain automation for security operations across Windows infrastructure patching pipelines configuration drift monitoring access reviews and credential hygiene.
- Partner with Identity and Infrastructure teams to drive architectural improvements: tiered administration Protected Users LAPS Credential Guard and authentication policy silos.
- Translate findings from assessments and red team exercises into durable fixes configuration changes architectural improvements and policy updates that reduce recurrence.
What Were Looking For
Active Directory
- Deep working knowledge of AD architecture: sites and services replication trust relationships delegation models and the LDAP schema.
- Hands-on experience investigating and detecting AD attacks across the full kill chain from initial enumeration through domain dominance.
- Familiarity with attack tooling (BloodHound Impacket Rubeus Mimikatz CrackMapExec) and critically what they leave behind.
- Experience hardening AD environments: tiered administration Protected Users LAPS Credential Guard PAM trusts and authentication policy silos.
Windows Internals
- Thorough understanding of Windows security architecture: access tokens privilege model integrity levels LSASS and credential storage SAM and the Security Reference Monitor.
- Ability to read and interpret Windows kernel structures driver behavior and undocumented APIs when necessary.
- Proficiency with low-level analysis tools: WinDbg Process Monitor Process Hacker Volatility and x64dbg.
- Experience with ETW-based telemetry pipelines and building detections on top of raw Windows event data.
Detection & Response
- Proven track record writing high-fidelity detection logic not just tuning vendor signatures.
- Experience leading complex incident response investigations including those involving nation-state or sophisticated criminal actors.
- Strong forensic fundamentals across disk memory and network artifacts on Windows systems.
What We Value
- Experience with Entra ID (Azure AD) hybrid identity architectures and cloud-based attack paths that pivot through on-prem AD.
- Prior work in adversary simulation red teaming or offensive security research especially against AD targets.
- Public contributions: conference talks (BlueHat BSides SANS etc.) blog posts or open-source tooling.
What We Require
- 5 years of hands-on security experience with the majority focused on Windows environments and Active Directory.
- Proficiency in Python or PowerShell for detection development automation and forensic tooling.
- Active TS/SCI security clearance or eligibility and willingness to obtain one.
- A portfolio of real work: detections youve written research youve published tools youve built or incidents youve led.
Salary
The estimated salary range for this position is estimated to be $145000 - $200000/year. Total compensation for this position may also include Restricted Stock units sign-on bonus and other potential future incentives. Further note that total compensation for this position will be determined by each individuals relevant qualifications work experience skills and other factors. This estimate excludes the value of any potential sign-on bonus; the value of any benefits offered; and the potential future value of any long-term incentives.
Our benefits aim to promote health and wellbeing across all areas of Palantirians lives. We work to continuously improve our offerings and listen to our community as we design and update them. The list below details our available benefits and some of the perks that can be enjoyed as an employee of Palantir Technologies.
Benefits
Employees (and their eligible dependents) can enroll in medical dental and vision insurance as well as voluntary life insurance
Employees are automatically covered by Palantirs basic life AD&D and disability insurance
Commuter benefits
Take what you need paid time off not accrual based
2 weeks paid time off built into the end of each year (subject to team and business needs)
10 paid holidays throughout the calendar year
Supportive leave of absence program including time off for military service and medical events
Paid leave for new parents and subsidized back-up care for all parents
Fertility and family building benefits including but not limited to adoption surrogacy and preservation
Stipend to help with expenses that come with a new child
Employees can enroll in Palantirs 401k plan
Life at Palantir
We want every Palantirian to achieve their best outcomes thats why we celebrate individuals strengths skills and interests from your first interview to your longterm growth rather than rely on traditional career ladders. Paying attention to the needs of our community enables us to optimize our opportunities to grow and helps ensure many pathways to success at Palantir. Promoting health and well-being across all areas of Palantirians lives is just one of the ways were investing in our community. Learn more at Life at Palantir and note that our offerings may vary by region.
In keeping consistent with Palantirs values and culture we believe employees are better together and in-person work affords the opportunity for more creative outcomes. Therefore we encourage employees to work from our offices to foster connectivity and innovation. Many teams do offer hybrid options (WFH a day or two a week) allowing our employees to strike the right trade-off for their personal productivity. Based on business need there are a few roles that allow for Remote work on an exceptional basis. If you are applying for one of these roles you must work from the state in which you are employed. If the posting is specified as Onsite you are required to work from an office.
If you want to empower the worlds most important institutions you belong here. Palantir values excellence regardless of background. We are proud to be an Equal Opportunity Employer for all including but not limited to Veterans and those with disabilities. Palantir is committed to making the application and hiring process accessible to everyone and will provide a reasonable accommodation for those living with a disability. If you need an accommodation for the application or hiring process please reach out and let us know how we can help.
If you would like to understand more about how your personal data will be processed by Palantir please see our .
Required Experience:
IC
About Company
We build software that empowers organizations to effectively integrate their data, decisions, and operations.
