Come join a small team of experts building the one of the most trusted IoT platform in the world connecting Tesla backends and our customers to their cars.
We are looking for a highly motivated engineer who truly believes in security as a first principle. Companies have talked for years about a future of “connected cars.” At Tesla, we’re at the forefront of innovation by providing a complete suite of rich backend services to our exponentially growing fleets. The team is operating and developing a rich eco-system in charge of any remote interaction with the vehicles (remote control, remote diagnostic, vehicle telemetry for self-learning Autopilot algorithm, mobile apps APIs, etc.). Our mobile applications allow customers to interact with their cars via real-time, low-latency two-way communication. Today we remotely identify potential vehicle issues before a customer does—and often fix problems remotely too. To this end information and product security is of the utmost importance.
We are looking for a highly motivated security software engineer specialized in web services and distributed systems. The platform you help us build will scale novel functionality to millions of Tesla devices and users.
Responsibilities
Proactively dive into existing code base to find chain of exploit and improve our overall security posture
Introduce new controls into the infrastructure platform that improves our defense in depth
Assist engineers in developing secure systems contributing to the spread of secure patterns and practices
Improve the applications following your findings after conducting security assessments, architecture reviews and threat modeling of the application stack
Partner with cross-functional teams to deliver widely impactful security initiatives
Demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks
Requirements
Few years of experience in security engineering or backend systems with security focus
Bachelor’s degree or higher in CS, CE, EE or the equivalent in experience
Cloud Security knowledge, need to have understanding/experience with Kubernetes
Demonstrated success contributing to scalable web applications
Experience in web application development or infrastructure/code auditing
Breadth of technical experience across various infrastructure and security areas and running in large production environments
Deep understanding of mobile & web application security threats, exploits, prevention
Proficiency in networking concepts (firewalls, load balancers, etc)
Keeps up with industry trends in security technology and threats
Strong belief in acquiring and spreading knowledge through mentorship and acting like an owner
Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
Experience with Go and/or Ruby is a plus
Ability to engineer solutions in the full-stack