Application Security Engineer

Application Security Engineer

Palantir builds the world's leading software for data-driven decisions and operations. Our platforms empower our partners to develop lifesaving drugs, forecast supply chain disruptions, locate missing children, and more. The mission of the Application Security Team is to enable developers to be highly productive, agile, and produce the most secure software possible. Given the mission critical work that Palantir does, investments in application security have never been more important.

As an application security engineer, you will be hands-on and have wide-ranging impact for the security of Palantir:

• Product security reviews: Perform full-scope security reviews of our current and future product and service portfolio.
• Architecture and design: Be the security subject matter expert for product architects and engineers. Threat model, assess risks, and help implement security controls and mitigations to address identified issues.
• Strategic security initiatives: Own transformational security initiatives that impact the whole company.
• Vulnerability identification and analysis: Find new and novel ways to identify and resolve security vulnerabilities in our products.

This role has wide-reaching impact, strong autonomy, and the resources and empowerment to make significant security improvements across all Palantir. Curiosity, tenacity, and a drive to be a world-class security engineer are the underpinnings of our team.

Core responsibilities include:

• Performing deep architecture and security reviews on highly complex products to identify vulnerabilities.
• Leading engineering teams in feature design, threat modeling, and security-critical code and architecture.
• Developing and implementing automation to eliminate entire classes of weaknesses across the organization.
• Driving decision-making by determining the tradeoffs between security and product design.
• Leading implementation of strategic security initiatives that improve security across Palantir.

What we value:

• Self-motivated, experience in solving complex problems.
• History and experience designing and shipping production-ready software.
• Strong communication and collaboration skills who feels comfortable working closely with engineering teams.
• Ability to learn and apply new technologies quickly and in complex deployments.

What we require:

• Development or software engineering experience and a deep passion for information security.
• Experience with a modern high-level programming language (e.g. Java, Golang, Javascript, Python, etc.).
• Demonstrated experience evaluating code for vulnerabilities.